GoTo reveals extent of November breach: Backups and encryption keys affected

SaaS and remote working specialist GoTo has just announced more details about a data breach that occurred in November 2022 — and it is pretty bad.

David Hollingworth
Wed, 25 Jan 2023

Paddy Srinivasan, GoTo chief executive officer, posted overnight that encrypted backups from a range of the company’s products were stolen. The backups from join.me, Central, Pro, Hamachi, and RemotelyAnywhere were hosted on a third-party cloud platform.

As well as the backups, encryption keys for some of them were also compromised. Srinivasan can’t confirm what data has been affected, but it “may” include salted and hashed passwords, usernames, and some multi-factor authentication details. Some product and licensing information may also have been compromised, as well as MFA settings for some of GoTo’s GoToMyPC and Rescue customers.

“At this time, we have no evidence of exfiltration affecting any other GoTo products other than those referenced above or any of GoTo’s production systems,” Srinivasan said in a statement.

The company is now contacting affected customers with advice on what steps they can take to secure their data, and is also resetting passwords.

“Even though all account passwords were salted and hashed in accordance with best practices, out of an abundance of caution, we will also reset the passwords of affected users and/or reauthorise MFA settings where applicable,” Srinivasan added.

All affected customers are also being moved onto an “enhanced identity management platform” to provide even more security.

Srinivasan then reconfirms that no credit card details are at risk, since the company does not store those details, nor does it collect any personal information.

GoTo’s woes seem to link back to an incident in August last year, when GoTo affiliate LastPass revealed the loss of some of its source code, which was stored on a cloud server also used by GoTo. In that instance, LastPass eventually admitted that a large amount of data was then compromised in November, and, by December, that data including company names, end-user names, addresses, email addresses, user IP addresses, and telephone numbers had been compromised.

GoTo said it too was affected by the November breach but offered no further details at the time.

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
