LastPass password manager brought new details about the system breach that occurred in November 2022. Through the platform’s parent company, GoTo, it turns out that hackers steal encrypted backups of customers during intrusion.
Earlier, LastPass CEO Karim Toubba said that the attackers gained access to customer data stored in a third-party cloud service. Criminals already have their credentials previous invasion in August 2022.
In the last communiqué, GoTo reports that the attack affected other services in addition to LastPass. These include Central business communicator, Join.Me online meeting platform, Hamachi VPN, and Remotely Anywhere remote access tool.
The company reveals that Cybercriminals were able to extract encrypted backups of customers of the aforementioned services. Moreover, they also seized the encryption key used to protect the data.
According to GoTo, Leaked information varies by services, including usernames, passwords and is part of the Multi-Factor Authentication (MFA) settings. The MFA settings of a small group of customers were also affected, while encrypted data from other services such as GoToMyPc was inaccessible.
The company, which has more than 800,000 customers, would contact companies whose information was exposed in the occupation. However, guidance is provided for resetting passwords and reauthorizing MFA settings.
In the same statement, GoTo states that it does not store bank or credit card information. In addition, the company does not collect personal data from users accessing the services.
The information contradicts previously published information about the occupation by LastPass. The password management platform stated that the contents of encrypted password vaults were accessed, including usernames, email and billing data.
Source: Tec Mundo