On Monday, January 23, 2023, GoTo.com CEO, Paddy Srinivasan, provided an update on the ongoing investigation into a security incident that occurred in November 2022. In his statement, Srinivasan revealed that a threat actor had exfiltrated encrypted backups from a third-party cloud storage service related to several GoTo products. These products included Central, Pro, join.me, Hamachi, and RemotelyAnywhere. In addition, an encryption key for a portion of the encrypted backups was also exfiltrated.
This blog post will provide a detailed breakdown of the security incident at GoTo, the products and services that were affected, and the company’s steps to address the issue. We will also provide recommendations for customers to further secure their accounts and discuss the enhanced security measures that your organization should use to protect your computer network.
Timeline of Events
On November 30, 2022, GoTo announced that it was investigating a security incident. The company immediately launched an investigation, engaged a leading security firm, and alerted law enforcement. Based on the investigation to date, GoTo detected unusual activity within its development environment and third-party cloud storage service. GoTo and its affiliate, LastPass, share the third-party cloud storage service.
On January 23, 2023, GoTo provided an update on the investigation and revealed that a threat actor had exfiltrated encrypted backups from a third-party cloud storage service related to several GoTo products, including Central, Pro, join.me, Hamachi, and RemotelyAnywhere. In addition, an encryption key for a portion of the encrypted backups was also exfiltrated.
Affected Products and Services
In a statement, GoTo CEO Srinivasan stated:
“Our investigation to date has determined that a threat actor exfiltrated encrypted backups from a third-party cloud storage service related to the following products: Central, Pro, join.me, Hamachi, and RemotelyAnywhere. We also have evidence that a threat actor exfiltrated an encryption key for a portion of the encrypted backups. The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information. In addition, while Rescue and GoToMyPC encrypted databases were not exfiltrated, MFA settings of a small subset of their customers were impacted.
It should be noted that GoTo has no evidence of exfiltration affecting any other GoTo products or any of GoTo’s production systems.
Recommendations for Customers
GoTo is contacting affected customers directly to provide additional information and recommend actionable steps for them to take to further secure their accounts. Even though all account passwords were salted and hashed in accordance with best practices, out of an abundance of caution, GoTo will also reset the passwords of affected users and/or reauthorize MFA settings where applicable. In addition, GoTo is migrating its accounts onto an enhanced Identity Management Platform, which will provide additional security with more robust authentication and login.
The Importance of Cybersecurity for Businesses
Cybersecurity is an essential aspect of modern business operations. With the increasing reliance on technology and the internet, it has become increasingly important to protect your organization’s sensitive information and systems from cyber threats. Cyber attacks can take many forms, from simple phishing scams to sophisticated malware and ransomware attacks. These threats can cause significant financial damage, disrupt operations, and compromise personal data.
Investing in an IT service is one of the most effective ways to protect your organization from cyber threats. An IT service provider can assist you in identifying vulnerabilities in your systems, implementing security measures, and monitoring your networks for signs of attack. They also can provide you with the tools and expertise necessary to recover quickly from a cyber attack.
A reputable IT service provider will have an up-to-date team of experts on the latest cybersecurity trends and can provide guidance and support to keep your organization secure.
When it comes to IT management and security, it is crucial to have a comprehensive cybersecurity strategy in place to protect against cyber threats such as hacking, phishing, and social engineering attacks. These threats can lead to significant financial losses and damage an organization’s reputation.
IT Management Process
IT management is the process of overseeing and organizing an organization’s technology resources. This includes the hardware, software, data, and team members involved with utilizing a computer network. It is crucial to ensure that an organization’s technology resources are used effectively and efficiently to meet its goals and objectives.
One key aspect of information technology management is cybersecurity, including implementing security measures such as antivirus software, firewalls, and intrusion detection systems, as well as monitoring computer networks for signs of attack. Additionally, IT managers are responsible for creating and implementing incident response plans in the event of a cyber-attack or data breach. They are also responsible for ensuring that the organization’s data is backed up and can be recovered in case of a disaster.
Another critical aspect of IT management is cloud computing. Many organizations are moving their data and applications to cloud-based services, which can provide cost savings and increased flexibility. However, it is essential for IT managers to ensure that the organization’s sensitive data is protected in the cloud and that the organization’s cloud-based services are correctly configured to meet the organization’s security requirements.
When choosing an IT service provider, it is essential to find one that offers a flexible, tailored approach to IT management and cybersecurity and can work closely with the clients to understand their specific needs and develop solutions tailored to their unique requirements.
Investing in an IT service and cybersecurity is crucial in today’s digital era. Cyber attacks can cause significant financial damage, disrupt operations, and compromise personal data. An IT service provider can help you identify vulnerabilities, implement security measures, and monitor your networks for signs of attack. EVERNET Consulting is a leading IT service provider that can help you with all your IT management and cybersecurity needs.
With our expertise and flexible, tailored approach, we can provide the tools and support you need to protect your organization from cyber threats. Contact us today to learn more about how we can help you.
Looking for more information on IT management? Then check out EVERNET’s Guide To IT Maintenance and Support E-book!!
At EVERNET Consulting, we are dedicated to helping organizations with their IT and cybersecurity needs. We work diligently to find the solutions that best fit the needs of your business. Whether you’re looking for IT support, software recommendations, or guidance on how to get the best protect your computer systems, we are here to help. Let’s schedule a discovery call and see how we can help you work smarter, not harder.
Eric is a Business IT cybersecurity advisor, consultant, manager, integrator, and protector who founded EVERNET in 2007. Eric co-hosts a podcast called “Finance and Technology Insights by Brian & Eric” on YouTube. Eric is a regular contributor to the EVERNET blog, writing about the latest technology news and providing his expertise in cyber security prevention and management. Meet with our CEO and say goodbye to one-size-fits-all IT support and cybersecurity.