A threat actor exfiltrated encrypted backups, which include account holders' usernames and passwords, as well as an encryption key for a portion of the encrypted backups, the company said in a blog post. The third-party cloud storage service is shared by both GoTo and its affiliate, LastPass.
\"Our investigation to date has determined that a threat actor exfiltrated encrypted backups from a third-party cloud storage service related to the following products: Central, Pro, join.me, Hamachi, and RemotelyAnywhere,\" it said.
What data has been compromised?<\/strong>
GoTo says that the stolen information varies by product and may include account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information.
\"In addition, while Rescue and GoToMyPC encrypted databases were not exfiltrated, MFA settings of a small subset of their customers were impacted,\" the CEO of the company noted.
The company is now contacting affected customers to provide additional information and recommend steps to secure their accounts. The company also says it will reset the passwords of affected users and\/or reauthorise MFA settings where applicable. GoTo is also migrating its accounts onto an enhanced Identity Management Platform<\/a> to offer more robust authentication and login-based security options.
LastPass hacking<\/a><\/strong>
The development comes almost a month after LastPass CEO said that a hacker copied customer data with the help of the cloud storage access key and dual storage container decryption keys.
\"The threat actor copied information from a backup that contained basic customer account information and related metadata including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service,\" he said.
Hackers also copied a backup of customer vault data from the encrypted storage container.
Soon after the incident, Computer Emergency Response Team<\/a> (CERT-In) issued an advisory, warning Indian users that cybercriminals can undertake phishing attacks to compromise their accounts.
<\/body>","next_sibling":[{"msid":97323062,"title":"ISRO's rocket to take OneWeb's 36 satellites to orbit in March","entity_type":"ARTICLE","link":"\/news\/isros-rocket-to-take-onewebs-36-satellites-to-orbit-in-march\/97323062","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"97318245","title":"Hacking","entity_type":"IMAGES","seopath":"gadgets-news\/lastpass-owner-goto-says-hackers-have-taken-customer-data-from-other-products\/hacking","category_name":"LastPass-owner GoTo says hackers have taken customer data from other products","synopsis":false,"thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-36496\/97318245.cms?width=150&height=112","link":"\/image\/gadgets-news\/lastpass-owner-goto-says-hackers-have-taken-customer-data-from-other-products\/hacking\/97318245"}],"msid":97323150,"entity_type":"ARTICLE","title":"LastPass-owner GoTo says hackers have taken customer data from other products","synopsis":"A threat actor exfiltrated encrypted backups, which include account holders' usernames and passwords, as well as an encryption key for a portion of the encrypted backups, the company said in a blog post. The third-party cloud storage service is shared by both GoTo and its affiliate, LastPass. GoTo says that the stolen information varies by product.","titleseo":"telecomnews\/lastpass-owner-goto-says-hackers-have-taken-customer-data-from-other-products","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":281,"shares":0,"engagementtimems":1405000},"Alttitle":{"minfo":""},"artag":"TIMESOFINDIA.COM","artdate":"2023-01-25 20:46:16","lastupd":"2023-01-25 20:47:59","breadcrumbTags":["goto","lastpass","computer emergency response team","identity management platform","hacking","cybersecurity"],"secinfo":{"seolocation":"telecomnews\/lastpass-owner-goto-says-hackers-have-taken-customer-data-from-other-products"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2023-01-25" data-index="article_1">
- Telecom乐动扑克News
- 2分钟阅读
LastPass-owner GoTo说黑客已经从其他产品客户数据
威胁演员接加密备份,包括账户持有人的用户名和密码,以及部分的加密密钥加密备份,该公司在一篇博客文章中说。第三方云存储服务是共享的GoTo和其下属,LastPass。GoTo说被盗信息因产品而异。
读到
LastPass老板转到给了一个更新在2022年11月安全事件中远程协作和软件公司发现了一个不寻常的活动在其开发环境和第三方的云存储服务。它说,随着LastPass消费者数据,黑客能够得到来自其他企业产品的数据。
威胁演员接加密备份,包括账户持有人的用户名和密码,以及部分的加密密钥加密备份,该公司在一篇博客文章中说。第三方云存储服务是共享的GoTo和其下属,LastPass。
“我们的调查日期已确定,威胁演员接加密备份从第三方云存储服务相关的下列产品:中央,Pro,加入。我,Hamachi RemotelyAnywhere,”它说。
哪些数据被破坏?
GoTo说偷来的产品和不同的信息可能包括账户用户名、咸和哈希密码,多因素身份验证的一部分(MFA)设置,以及一些产品设置和授权信息。
“此外,救援和GoToMyPC加密数据库没有接,MFA设置它们的一小部分客户的影响,”该公司的首席执行官说。
受影响的公司现在联系客户提供额外的信息和建议措施来确保他们的账户。该公司还表示,它将影响用户的密码重置和/或批准MFA设置适用的地方。GoTo也是其账户迁移到一个增强身份管理平台提供更健壮的身份验证和安全的基于登录的选项。
LastPass黑客
发展是近一个月后LastPass CEO说,黑客复制客户数据的帮助下云存储访问密钥解密密钥和双存储容器。
“威胁演员从备份复制信息,包含基本的客户账户信息和相关元数据包括公司名称、最终用户名称,账单地址,电子邮件地址,电话号码,和客户访问的IP地址LastPass服务,”他说。
黑客也复制备份客户库数据的加密存储容器。
事件发生后不久,计算机紧急反应小组(、)发布了一个顾问,警告印度用户的网络可以进行钓鱼攻击妥协自己的账户。
威胁演员接加密备份,包括账户持有人的用户名和密码,以及部分的加密密钥加密备份,该公司在一篇博客文章中说。第三方云存储服务是共享的GoTo和其下属,LastPass。
“我们的调查日期已确定,威胁演员接加密备份从第三方云存储服务相关的下列产品:中央,Pro,加入。我,Hamachi RemotelyAnywhere,”它说。
哪些数据被破坏?
GoTo说偷来的产品和不同的信息可能包括账户用户名、咸和哈希密码,多因素身份验证的一部分(MFA)设置,以及一些产品设置和授权信息。
“此外,救援和GoToMyPC加密数据库没有接,MFA设置它们的一小部分客户的影响,”该公司的首席执行官说。
受影响的公司现在联系客户提供额外的信息和建议措施来确保他们的账户。该公司还表示,它将影响用户的密码重置和/或批准MFA设置适用的地方。GoTo也是其账户迁移到一个增强身份管理平台提供更健壮的身份验证和安全的基于登录的选项。
LastPass黑客
发展是近一个月后LastPass CEO说,黑客复制客户数据的帮助下云存储访问密钥解密密钥和双存储容器。
“威胁演员从备份复制信息,包含基本的客户账户信息和相关元数据包括公司名称、最终用户名称,账单地址,电子邮件地址,电话号码,和客户访问的IP地址LastPass服务,”他说。
黑客也复制备份客户库数据的加密存储容器。
事件发生后不久,计算机紧急反应小组(、)发布了一个顾问,警告印度用户的网络可以进行钓鱼攻击妥协自己的账户。
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动