User data related to GoTo services like Hamachi, RemotelyAnywhere, Join.me, Central and Pro has been extracted. The info itself was stored on a server, where the LastPass user creds were being held too. While the info was encrypted, the attackers managed to steal the encryption key as well. Oops!
The affected information varies by product and isn’t equal across the board, but may include account names, passwords, MFA (Multi-Factor Authentication) settings, product settings and even product licenses. That’s a lot of information!
What is LastPass parent GoTo doing about the stolen user data?
Well, the right thing. They’ve started reaching out to affected customers with pointers as to what they can do to secure their accounts. They plan to offer additional help, if need be, but all affected customers have had their passwords reset immediately.
The good news is that at least nobody is getting robbed because of this, as GoTo doesn’t store payment info on their end. We can appreciate them being honest with their findings from this investigation, which has been going on pretty much since last August.
And, luckily, this doesn’t change the impact that the LastPass leak itself had. As such, no additional reason for concern has been uncovered by the investigation. Hopefully, all of this will blow over soon with no more shocking revelations.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.