"LastPass Owner GoTo Says Hackers Stole Customers' Backups"

LastPass' parent company GoTo has revealed that attackers stole customers' encrypted backups during a recent breach. LastPass initially confirmed the breach on November 30, 2022. At the time, the LastPass chief executive Karim Toubba stated that an unauthorized entity had accessed some customers' information stored in a third-party cloud platform shared by LastPass and GoTo. The attackers used information stolen during an earlier intrusion into LastPass' systems to further access the companies' shared cloud data. Now, about two months later, in a new statement, GoTo confirmed that the cyberattack affected several of its products, including the business communications tool Central, the online meetings service Join.me, the hosted Virtual Private Network (VPN) service Hamachi, and its Remotely Anywhere remote access tool. GoTo stated that the intruders stole encrypted backups from these services as well as the encryption key used by the company to secure the data. This article continues to discuss GoTo's confirmation that hackers stole customers' backups and the company's encryption key. 

TechCrunch reports "LastPass Owner GoTo Says Hackers Stole Customers' Backups"