Blog Resources

GoTo.com Cybersecurity Breach: What You Need to Know

by | Jan 31, 2023 | Business, Cyber Security, IT Prevention, Software


On Monday, January 23, 2023, GoTo.com CEO, Paddy Srinivasan, provided an update on the ongoing investigation into a security incident that occurred in November 2022. In his statement, Srinivasan revealed that a threat actor had exfiltrated encrypted backups from a third-party cloud storage service related to several GoTo products. These products included Central, Pro, join.me, Hamachi, and RemotelyAnywhere. In addition, an encryption key for a portion of the encrypted backups was also exfiltrated.

This blog post will provide a detailed breakdown of the security incident at GoTo, the products and services that were affected, and the company’s steps to address the issue. We will also provide recommendations for customers to further secure their accounts and discuss the enhanced security measures that your organization should use to protect your computer network.

Timeline of Events

On November 30, 2022, GoTo announced that it was investigating a security incident. The company immediately launched an investigation, engaged a leading security firm, and alerted law enforcement. Based on the investigation to date, GoTo detected unusual activity within its development environment and third-party cloud storage service. GoTo and its affiliate, LastPass, share the third-party cloud storage service.

On January 23, 2023, GoTo provided an update on the investigation and revealed that a threat actor had exfiltrated encrypted backups from a third-party cloud storage service related to several GoTo products, including Central, Pro, join.me, Hamachi, and RemotelyAnywhere. In addition, an encryption key for a portion of the encrypted backups was also exfiltrated.

Affected Products and Services

In a statement, GoTo CEO Srinivasan stated:

“Our investigation to date has determined that a threat actor exfiltrated encrypted backups from a third-party cloud storage service related to the following products: Central, Pro, join.me, Hamachi, and RemotelyAnywhere. We also have evidence that a threat actor exfiltrated an encryption key for a portion of the encrypted backups. The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information. In addition, while Rescue and GoToMyPC encrypted databases were not exfiltrated, MFA settings of a small subset of their customers were impacted.

It should be noted that GoTo has no evidence of exfiltration affecting any other GoTo products or any of GoTo’s production systems.

Recommendations for Customers

GoTo is contacting affected customers directly to provide additional information and recommend actionable steps for them to take to further secure their accounts. Even though all account passwords were salted and hashed in accordance with best practices, out of an abundance of caution, GoTo will also reset the passwords of affected users and/or reauthorize MFA settings where applicable. In addition, GoTo is migrating its accounts onto an enhanced Identity Management Platform, which will provide additional security with more robust authentication and login.

The Importance of Cybersecurity for Businesses

Cybersecurity is an essential aspect of modern business operations. With the increasing reliance on technology and the internet, it has become increasingly important to protect your organization’s sensitive information and systems from cyber threats. Cyber attacks can take many forms, from simple phishing scams to sophisticated malware and ransomware attacks. These threats can cause significant financial damage, disrupt operations, and compromise personal data.

Investing in an IT service is one of the most effective ways to protect your organization from cyber threats. An IT service provider can assist you in identifying vulnerabilities in your systems, implementing security measures, and monitoring your networks for signs of attack. They also can provide you with the tools and expertise necessary to recover quickly from a cyber attack.

A reputable IT service provider will have an up-to-date team of experts on the latest cybersecurity trends and can provide guidance and support to keep your organization secure.

When it comes to IT management and security, it is crucial to have a comprehensive cybersecurity strategy in place to protect against cyber threats such as hacking, phishing, and social engineering attacks. These threats can lead to significant financial losses and damage an organization’s reputation.

IT Management Process

IT management is the process of overseeing and organizing an organization’s technology resources. This includes the hardware, software, data, and team members involved with utilizing a computer network. It is crucial to ensure that an organization’s technology resources are used effectively and efficiently to meet its goals and objectives.

One key aspect of information technology management is cybersecurity, including implementing security measures such as antivirus software, firewalls, and intrusion detection systems, as well as monitoring computer networks for signs of attack. Additionally, IT managers are responsible for creating and implementing incident response plans in the event of a cyber-attack or data breach. They are also responsible for ensuring that the organization’s data is backed up and can be recovered in case of a disaster.

Another critical aspect of IT management is cloud computing. Many organizations are moving their data and applications to cloud-based services, which can provide cost savings and increased flexibility. However, it is essential for IT managers to ensure that the organization’s sensitive data is protected in the cloud and that the organization’s cloud-based services are correctly configured to meet the organization’s security requirements.

When choosing an IT service provider, it is essential to find one that offers a flexible, tailored approach to IT management and cybersecurity and can work closely with the clients to understand their specific needs and develop solutions tailored to their unique requirements.

Investing in an IT service and cybersecurity is crucial in today’s digital era. Cyber attacks can cause significant financial damage, disrupt operations, and compromise personal data. An IT service provider can help you identify vulnerabilities, implement security measures, and monitor your networks for signs of attack. EVERNET Consulting is a leading IT service provider that can help you with all your IT management and cybersecurity needs.

With our expertise and flexible, tailored approach, we can provide the tools and support you need to protect your organization from cyber threats. Contact us today to learn more about how we can help you.

Looking for more information on IT management? Then check out EVERNET’s Guide To IT Maintenance and Support E-book!!


At EVERNET Consulting, we are dedicated to helping organizations with their IT and cybersecurity needs. We work diligently to find the solutions that best fit the needs of your business. Whether you’re looking for IT support, software recommendations, or guidance on how to get the best protect your computer systems, we are here to help. Let’s schedule a discovery call and see how we can help you work smarter, not harder.

 

Project Discounted Hourly Rates

All new accounts pay a $500 dollar onboarding fee to start and an additional $125 per resource.

Marketing Materials

At EVERNET, we are experts in providing a broad range of marketing materials to our clients. Our offerings include brochures, flyers, business cards, posters, product catalogs, websites, social media content, press releases, presentations, and email newsletters.

SEMRush Premium Location

SEMRush Premium is a comprehensive suite of tools that helps businesses improve their online visibility and performance. It includes features for keyword research, competitive analysis, website auditing, and more. SEMRush Premium is used by businesses of all sizes, from small businesses to large enterprises.

SEMRush Basic Location

SEMRush Basic Location is a feature that allows you to manage your business listings in over 70 local directories.

Email*: Newsletter

Email*: Newsletter" refers to a task or item on a schedule or to-do list that involves writing and sending an email newsletter to a group of subscribers. A newsletter is a regular communication sent by a company, organization, or individual to provide updates, share information, and engage with the recipient base.

Email*: Product & Services Promo

Email*: Product & Services Promo" refers to a task or item on a schedule or to-do list that involves writing and sending an email to promote specific products or services offered by a company or organization. This email aims to attract recipients' attention, highlight the features and benefits of the products or services, and encourage them to purchase or engage with the offerings.

Email* Company Post (Holidays, Quick News Items)

Email*: Company Post (Holidays, Quick News Items)" refers to a task or item on a schedule or to-do list that involves writing and sending an email on behalf of a company or organization. This email aims to share company-related updates, news items, or holiday greetings with the intended recipients, such as employees, clients, or subscribers.

Email*: Blog/Press Release (est 1.25 hrs)

Email*: Blog/Press Release" refers to a task or item on a schedule or to-do list that involves writing and sending an email related to a blog or press release. It typically entails reaching out to individuals or organizations to announce the publication of a new blog post or a press release and seeking their support, coverage, or collaboration.

Social Text Post 

A social text post is a written message or update shared on social media platforms or online communities. It is a way for individuals to express their thoughts, opinions, share information, ask questions, or engage in conversations with others within their social network or online community.

Project Discounted Hourly Rates

All new accounts pay a $500 dollar onboarding fee to start and an additional $125 per resource.

 

Managed Website Support

EVERNET’s team of experts offers comprehensive website support services to ensure your website's smooth and efficient running. Our support includes technical and administrative assistance, such as website security updates, performance monitoring, and troubleshooting.

Branding Style Guide

A branding style guide, also known as a brand guidelines document or brand manual, is a comprehensive document that outlines the visual and stylistic guidelines for consistently representing a brand's identity across various mediums and applications. It is a reference tool for designers, marketers, and anyone involved in creating or using brand materials to ensure the brand is accurately and consistently presented.

Branding Stylescape

A branding stylescape, also known as a brand mood board or visual identity board, represents a brand's aesthetic and visual direction. It is a collage or composition of various design elements, including color palettes, typography, imagery, patterns, textures, and other visual cues that capture the essence and personality of a brand.

Deliver Logo Pack

The deliverable logo pack is a comprehensive resource for clients or stakeholders to effectively use and apply the logo in different contexts and across various platforms. It empowers them with the necessary files and guidelines to maintain consistency, protect the integrity of the brand identity, and ensure the logo's proper representation.

Logo Mockups

Logo mockups are a valuable tool in the design process, allowing designers and clients to assess the logo's effectiveness in real-world applications. They help bridge the gap between a conceptual logo design and its practical implementation, enabling informed discussions and decision-making.

Vectorize Logo

When a logo is vectorized, the original design or raster logo is converted into a vector format. This conversion process involves tracing the original logo using vector software or redrawing it using vector tools. The result is a logo that can be scaled to any size without pixelation, making it suitable for various applications, such as print materials, signage, websites, or promotional products.

Revisions

Logo design revisions are crucial to the design process, allowing our clients to provide input and shape the outcome. Through effective collaboration and iterations, our designers strive to create a logo that reflects your brand's identity and values and satisfies the client's expectations.

Logo Sketches

EVERNET will work with our clients on a hand-drawn or digital drawing that represents an initial exploration of ideas for a logo design. It is a rough and simplified representation of the logo concept and serves as a starting point for further development. Designers typically create logo sketches during the ideation phase of the design process.

Logo Concept

At EVERNET, we collaborate with our clients to bring their logo ideas and design direction to life. Our team uses a creative and strategic approach to develop logo concepts that represent the brand or organization visually. These concepts are crucial in the logo development process before the final design is selected.

Introductory Meeting

An introductory meeting for a branding project with EVERNET is a gathering or discussion that marks the initial stages of collaboration between a client and our agency. Its purpose is to establish a foundation for the project, allowing both parties to exchange information, align expectations, and explore the goals and objectives of the branding initiative.

Page Localization per page

Page localization per page refers to adapting or customizing individual web pages to suit a specific target audience's language, culture, and preferences. Instead of translating an entire website, page localization focuses on specific pages or sections relevant to a particular market or region. It involves modifying a webpage's content, design, and functionality to cater to the particular needs and expectations of the target audience.

Multivariant Testing

Multivariate testing, also known as multivariable testing, is a technique used in marketing and web development to simultaneously test multiple variations of elements or factors on a webpage or within a marketing campaign. It allows businesses to evaluate the combined impact of various variables and their interactions, providing insights into which combination produces the best results.

A/B Testing

A/B testing, also known as split testing, is a method used in marketing and web development to compare two or more variations of a webpage or element to determine which one performs better in achieving a specific goal. It involves dividing the audience into separate groups and showing each group a different version of the webpage or element to measure and analyze their response and behavior.

Sales Funnel/Lead Gen Pages

Sales funnel/lead gen pages are designed to capture leads and guide potential customers through sales. They are vital to online marketing and sales strategies, aiming to convert visitors into qualified leads and eventually into paying customers.

Revisions/Adjustments

Revisions or adjustments to a webpage refer to the modifications or changes made to a web page's content, design, or functionality. These revisions are typically done to improve the overall user experience, address issues, or update the webpage to reflect new information or requirements.

Web Page Translator

A webpage translator is a tool or feature that enables web content translation from one language to another. It allows users to view a webpage in their preferred language, even if the original content was written differently. Webpage translators are designed to make websites more accessible and user-friendly for a global audience.

Web Page Chat Bot

A webpage chatbot, also known as a web chatbot, is a type of conversational agent or virtual assistant designed to interact with users through a website. It is typically integrated into a webpage or application to provide real-time assistance, answer questions, and engage in conversations with visitors.

Web form creation refers to the process of designing and building interactive forms that are embedded in websites. Web forms are digital forms that allow users to input and submit information through various fields and elements.

Template Contact Form 

A template contact form refers to a pre-designed and pre-built form layout that can be used as a starting point or foundation for creating a contact form on a website. It provides a structured framework with the necessary fields and design elements commonly found in contact forms.

Privacy Policy Page

Termageddon privacy policies generator and management tool that helps website owners comply with various privacy laws, such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Children’s Online Privacy Protection Act (COPPA). The tool provides customizable templates for privacy policies, terms of service agreements, disclaimers, and other legal documents that businesses may need for their websites.

Analytics & Search Engine Connection 

Analytics and search engine connection refer to integrating web analytics tools and search engines, typically Google Analytics and search engines like Google, Bing, or Yahoo. This connection allows businesses to gather valuable data and insights about their website's performance, user behavior, and search engine visibility.

Client Portal Integration

Client portal integration refers to incorporating a client portal into a business's existing systems or website, allowing secure and streamlined communication, collaboration, and access to resources between the company and its clients.

Competitive Keyword Research $/KW

Competitive keyword research is identifying and analyzing the keywords that competitors target in their digital marketing strategies. It involves researching and understanding the keywords your competitors are ranking for in search engine results pages (SERPs) and using that information to inform your keyword targeting strategy.

Google Reviews Carousel

The Google Review Carousel is a feature in Google search results that displays reviews for a specific business or entity.

Blog Integration

Blog integration refers to seamlessly incorporating a blog into a website or other digital platform. It involves integrating the blog functionality, design, and content management system (CMS) with the existing website infrastructure, allowing for a unified and cohesive user experience.

CRM Integration

CRM integration refers to connecting a Customer Relationship Management (CRM) system with other software applications or platforms to enable seamless data sharing, automation, and enhanced functionality. Integrating the CRM system with various tools, such as marketing automation software, email marketing platforms, e-commerce platforms, help desk systems, and more.

Copywriting/SEO

In web design, copywriting and SEO work hand in hand to create a visually appealing, engaging website optimized for search engines. Copywriters collaborate with SEO specialists to conduct keyword research and strategically integrate relevant keywords into the website's content, headings, and meta tags. They create persuasive copy that captures the target audience's attention and aligns with SEO best practices.

Custom Designed Page/Section

A custom-designed page/section is a uniquely tailored layout or structure created to meet specific design requirements and align with a brand's visual identity or individual preferences. Unlike a basic designed page/section, which often relies on pre-existing templates or standard layouts, a custom-designed page/section offers higher creativity, originality, and personalization.

Basic Designed Page/ Section

A basic designed page/section refers to a simple and straightforward layout or structure that serves as a foundation for content creation. It typically includes essential elements and a minimalistic design approach, focusing on clarity and ease of use. Primary designed pages/sections are commonly used in various contexts, such as web development, document creation, and graphic design.

Template Page/Section

A template page/section refers to a pre-designed layout or structure as a starting point for creating consistent and cohesive content within a larger document or website.

vCMO - Marketing Business Review 

A vCMO can be a valuable resource for businesses that lack in-house marketing expertise or need additional strategic guidance. Developing and implementing effective marketing strategies that drive business growth can be easy with a dedicated marketing team or chief marketing officer.

Advertising Management

With EVERNET's advertising management services, we take the burden off your shoulders by handling your advertising needs across various platforms. From social media and web advertising to print and billboard campaigns, we've got you covered. Our experienced team of professionals ensures that each venue receives dedicated attention, with an estimated time of 1 hour per venue.

Email*: Newsletter

Our team understands the importance of keeping your subscribers updated and entertained with valuable content. From industry insights and trends to company news and exclusive offers, our newsletters are designed to captivate readers and foster a sense of connection.

Email*: Product & Services Promo

When it comes to promoting your products and services, EVERNET excels in crafting compelling email campaigns. Our team specializes in creating attention-grabbing and persuasive email content that effectively showcases your offerings. Whether you're launching a new product, announcing a service upgrade, or running a promotional campaign, our tailored emails will captivate your audience and drive conversions.

Email* Company Post

With EVERNET's expertise in email marketing, we offer tailored company posts that are perfect for holiday promotions or sharing quick news items. Our team crafts engaging and personalized emails, ensuring your message resonates with your audience during festive seasons or when you have important updates to share.

Email*: Blog/Press Release

At EVERNET, our team of experienced copywriters excels at crafting specialized blog posts and press releases that cater to your business needs, delivering captivating content on any topic you desire.

Social Image/Graphic/Non-Produced Video Post

EVERNET creates captivating and tailored social image/graphic/non-produced video posts for its clients, ensuring that the visual content aligns with the unique requirements and characteristics of the social media platform on which they market their business.

Social Text Post 

EVERNET leverages its expertise to curate and distribute compelling social text posts on behalf of its clients, tailoring the content to suit the specific social media platform they utilize for marketing their business.

WP Rocket

WP Rocket is a premium caching plugin for WordPress websites designed to improve the website’s speed and performance by reducing the page loading time, minimizing HTTP requests, and optimizing code.

Workstation Backup

Backup and disaster recovery are two separate but connected concepts that organizations should always consider together. Backing up data is storing a copy of a business’s data in a cloud or physical environment, such as an external hard drive. 

 

General Copywriting/ Blog Press Release/ Content Page

EVERNET specializes in creating content that resonates with your target audience and drives engagement, whether you’re looking for blog posts, press releases, social media text, or email marketing.

Zoho Social Brand Management

Social media management tool helps businesses and agencies manage their social media presence more efficiently.

SEMRush Listing & Reputation management

SEMrush is a popular digital marketing tool that provides insights and analytics for SEO, PPC, social media, content marketing, and more. It helps businesses optimize their online presence, improve search rankings, and increase website traffic.

Termageddon

Termageddon privacy policies generator and management tool that helps website owners comply with various privacy laws, such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Children’s Online Privacy Protection Act (COPPA).

SiteGround Website Hosting

EVERNET can assist your business by selecting the best web hosting platform based on your company’s specific needs and budget. Our experienced team can help migrate your site to a new hosting platform, configure the hosting environment, and provide ongoing monitoring and maintenance to ensure the site is always running smoothly.

Managed Advertising Support

At EVERNET, we understand the importance of advertising your brand, services, or products to the right audience. That is why our industry professionals are here to help you optimize your advertising campaigns to achieve your advertising goals and increase your ROI.

Managed CRM Support

EVERNET is a third-party implementation partner; we work with trusted software customer relationship management (CRM) vendors to provide software and technology solution services to help your business grow. We provide expertise, support, and resources to help your company deploy and maintain third-party solutions.

Managed Social Media Support

With EVERNET Social Media Support, we provide a comprehensive suite of services tailored to your business needs. From developing a custom social media strategy to community management, advertising, and analytics tracking, we offer a personalized approach that ensures your success on social media.

Managed Listing and Reputation Support

EVERNET offers comprehensive managed listing and reputation support services to help businesses establish and maintain a positive online presence.

Hosted Phone Service (VoIP)

A VoIP phone service eliminates the need for expensive hardware, lowering the setup fee more than traditional phone systems. VoIP won’t cost as much as you think for everything from virtual numbers to video conferencing.

Microsoft 365

Microsoft 365 suite is a family of productivity software, collaboration, and cloud-based services designed to make teamwork effortless. It includes Microsoft Outlook for email, OneDrive cloud storage, Microsoft Teams, and cloud applications like Word, Excel, and PowerPoint.

Corporate Password Manager

Password Management is a service that utilizes software that stores and manages online credentials. This allows individuals and businesses to save and manage their passwords from one safe space.  

Virtual Chief Information Officer (vCIO)

A vCIO, or virtual Chief Information Officer, is a professional who provides technical leadership and strategic guidance to an organization on a part-time or contract basis.

IT Maintenance

IT maintenance refers to ensuring that an organization’s information technology (IT) systems and infrastructure are operating smoothly and efficiently. This involves performing routine tasks such as installing software updates and patches, monitoring system performance and security, and repairing or replacing hardware.

Email Advanced Threat Protection

Email Advanced Threat Protection (ATP) is a security solution designed to protect email systems from advanced threats such as phishing, malware, and zero-day attacks.

Security Awareness Training

Security awareness training educates employees on how to protect the organization’s computer systems. Its goal is to help prevent cyber attacks from impacting a company’s database and day-to-day operations. 

Patch Management

Patch Management is a service that involves identifying, acquiring, testing, and installing patches or code changes to the software. 

Antivirus (EDR)

Antivirus is software used to prevent, scan, detect, and delete viruses from a computer. Antivirus software typically runs automatically in the background and provides real-time protection against virus attacks.

Device Health & Security Monitoring

24/7 Device Health Monitoring is a service that allows our IT team to keep a finger on the pulse of your IT Solutions, keeping your network running without interruption.  

Vendor Management

Vendor Management Service is a service EVERNET offers that helps clients manage their vendors. We do this by creating a unique email address for every client on EVERNET’s mail server, and we point this email address to our Client Portal.

Managed IT Support

With expertise in everything from Microsoft 365 to hosted phone services, backup and disaster recovery, 24/7 device health and security monitoring, and everything in between, EVERNET will manage all aspects of your IT systems. Keep your focus on confidently running your business, knowing EVERNET has your IT Solutions covered.