IT management software company GoTo reported on Tuesday that during a 2022 breach that also affected its LastPass affiliate, an unidentified threat actor stole encrypted backups and an encryption key for some of that data.
This was the theft of account data, hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information, according to GoTo chief executive Paddy Srinivasan, who confirmed the security breach was much worse than first reported.
According to Srinivasan, there is no proof that exfiltration has affected any other GoTo products or any of the company’s production systems.
Read More: GoTo Says Hackers Stole Encrypted Backups, MFA Settings
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.