GoTo (formerly LogMeIn) is notifying customers that hackers have breached its development environment in November 2022 and have stolen encrypted backups containing customer information and an encryption key for a portion of that data.
GoTo provides a platform for cloud-based remote working, collaboration, and communication, as well as remote IT management and technical support solutions.
In November 2022, the company disclosed a security breach on its development environment and a cloud storage service used by both them and its affiliate, LastPass.
At the time, the impact on the client data was not confirmed as the company’s investigation into the incident with the help of cybersecurity firm Mandiant had just begun.
The internal investigation so far has revealed that the incident had a significant impact on GoTo’s customers.
According to a GoTo’s security incident notification, the attack affected backups relating to the Central and Pro product tiers stored in a third-party cloud storage facility.
The information present in the exfiltrated backups includes Central and Pro account usernames, passwords (salted and hashed). Deployment and provisioning information, One-to-Many scripts (Central only), Multi-factor authentication information as well as licensing and purchasing data like emails, phone numbers, billing address, and last four digits of credit card numbers.
GoTo is resetting Central and Pro passwords for impacted customers and automatically migrates accounts to GoTo’s enhanced Identity Management Platform.
This platform provides additional security controls that make unauthorized account access or takeover much more challenging.
All the affected customers are contacted by the company directly to offer more details and recommendations for steps to increase the security of their accounts.
The company also added that it still has no evidence that the threat actor ever got access to its production systems and says that man-in-the-middle attacks couldn’t have any impact on clients because TLS 1.2 encryption and peer-to-peer technology are used to prevent eavesdropping.
The investigation process is still ongoing and the company promised to update customers if they find more details.
Image Credits : GoTo