January 25, 2023

GoTo Technologies, the parent company of password manager LastPass, has informed its customers that during a recent breach of its systems, hackers obtained encrypted backups and an encryption key to access some of them.

According to a blog post to customers, GoTo discovered that a threat actor exfiltrated encrypted backups from a third-party cloud storage service relating to the company’s Central, Pro, join.me, Hamachi, and RemotelyAnywhere products during an investigation into a “security incident” in November. “We also have evidence that a threat actor stole an encryption key for some of the encrypted backups,” the company added.

“The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information,” GoTo added.

In addition, the hacker stole the multi-factor authentication settings for a small number of GoTo Rescue and GoToMyPC customers; both products allow clients to remotely access a computer online. The intruders also stole customers’ encrypted backups from these services, as well as the company’s encryption key for securing the data, according to GoTo.

In its statement, GoTo provided no guidance and did not specify how many users may have been affected.

The sources for this piece include an article in TechCrunch.