Tech News

GoTo hack sees attackers get encrypted customer backups, and encryption key

From 9to5mac.com


A GoTo hack related to the LastPass security breach was far worse than initially disclosed. The company, formerly known as LogMeIn, has revealed that attackers obtained not only encrypted backups of customer data, but also an encryption key for at least some of that data.

It’s a similar tale to the LastPass hack, which followed a similar path from low-key initial announcement to revelations that it was significantly worse than initially feared …

LastPass hack

GoTo affiliate company LastPass announced back in August that it suffered an attack on its own systems, but said at the time that there was no no sign that user data was compromised.

That changed in December, when the company revealed that the attackers did indeed access customer data. It said at the time that passwords were safe, as only the customer held the decryption key. LastPass later went further, and admitted that far more data was obtained.

Copies of customers’ password vaults were obtained along with names, emails, billing addresses, phone numbers, and more. 

The company continued to insist that customer logins were safe, but a security researcher accused it of telling “half-truths and outright lies.” Password-management rival 1Password then disputed that customer passwords were not at risk, due to weak security practices.

GoTo hack

Back in November, GoTo said that attackers gained access to the company’s development environment, and a third-party cloud storage company used by both it and LastPass.

The announcement was a relatively low-key one, in which it appeared that only company data had been accessed, not customer data.

However, the company recently began emailing customers, advising that backups of their data had been accessed.

The information in the affected backups include your Central and Pro account usernames and salted and hashed passwords. It also includes your deployment and provisioning information, One-ToMany scripts (Central only), some Multi-Factor Authentication information, licensing and purchasing data such as user emails, phone numbers, billing addresses, and the last four digits of credit card numbers (we do not store full credit card or bank details).

GoTo also admitted that an encryption key for at least some of the data had been obtained.

In addition, we have evidence that a threat actor also exfiltrated an encryption key for a portion of the encrypted data. However, as part of our security protocols, we salt and hash Central and Pro account passwords. This provides an additional layer of security within the encrypted backups.

Bleeping Computer, however, says that this may not be the full story.

While the company has not shared the type of encryption used for the backups, if they used asymmetrical encryption, such as AES, then it could be possible to decrypt the backups using the stolen encryption key.

GoTo is forcing password resets of affected accounts, but it wouldn’t seem that this would prevent access to the data already obtained by the hackers.

Photo: Markus Spiske/Unsplash


The post GoTo hack sees attackers get encrypted customer backups, and encryption key first appeared on 9to5mac.com

New reasons to get excited everyday.



Get the latest tech news delivered right in your mailbox

GoTo hack sees attackers get encrypted customer backups, and encryption key

5 Reasons Why You Should Try Online Horse Race Betting

In many places around the world, horse races are an attraction that a lot of people love to watch. With the fast-paced action and thrill that each game provides, it is no longer surprising to know that millions of fans have grown fond of it.
GoTo hack sees attackers get encrypted customer backups, and encryption key

NordLayer — more than a business VPN

Cybersecurity threats have become vast and more sophisticated. The rate of malware attacks and malicious activity counts within seconds despite the size or sector the organization belongs to — no one is safe enough to expect that foe actors will bypass vital company resources.

GoTo hack sees attackers get encrypted customer backups, and encryption key

You may also like

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments

More in Tech News

×
* Popular *
0
Would love your thoughts, please comment.x
()
x