LastPass Parent Company GoTo Suffers Data Breach, Customers Backups Compromised

25-Jan-23

GoTo (formerly LogMeIn), the company that owns LastPass, said on Tuesday that in a November 2022 incident, unknown threat actors were able to acquire encrypted copies of some users’ data as well as an encryption key for some of those backups. According to the firm, the attack, which targeted a third-party cloud storage provider, affected the products Central, Pro, join.me, Hamachi, and RemotelyAnywhere. Customer usernames, encoded and hashing passwords, a part of multi-factor identification (MFA) settings, as well as various product settings and license information, may all be included in the impacted information, which varies by product.

Read More…