![]() The company continues to reach out to customers hit by the breach with steps they should take to secure their accounts and data. It also had some users reconfigure their multi-factor authentication settings. The salted and hashed passwords should be safe in theory, but GoTo has still been forcing password resets on affected accounts. Credit card and banking details were not affected. Srinivasan says that the specific data stolen varies by product but includes things like user names, salted and hashed passwords, licensing information, and even Multi-Factor Authentication settings. For example, Hamachi is a hosted VPN service that, if compromised, could allow an attacker to access a private LAN environment. Many of the affected products are enterprise-facing, which makes them an especially juicy target. That encryption might not matter very much, as Srinivasan notes that the attacker also took an encryption key for "a portion" of those backups, but he does not specify which products. In a blog post (Opens in a new window), GoTo CEO Paddy Srinivasan explains that the hackers who accessed the company's servers were able to exfiltrate encrypted backups for Central, Pro,, Hamachi, and RemotelyAnywhere. And yes, user data from several of its products was taken by the attackers. ![]() The parent company now confirms that it, too, was targeted in the November incident. The password manager is owned by GoTo, the maker of products like GoToMyPC, Hamachi, and more. ![]() ![]() LastPass has been under intense scrutiny over the last few months following multiple security breaches that included the theft of user data, but it wasn't just LastPass.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |