JoJoKopp
Active Contributor

Re: 11/30/22 Security Incident

Thanks for this article.  

cvillard1
Active Contributor

Re: 11/30/22 Security Incident

There are sort of two bigger contenders that meet the security requirements we need/require (SOC 2 Audit and HIPAA Compliant) and that is TeamViewer and Splashtop. There are some others, one including a SolarWinds product, however we won't use any other SolarWinds products or services. The others are smaller, more basic. We will be demoing TeamViewer and Splashtop pretty quick if we do not hear anything new over the next week.

 

We want to give a chance for a fleshed out response from GoTo/LastPass, but pretty soon we will need to move forward.

cvillard1
Active Contributor

Re: 11/30/22 Security Incident

Another big thing for us is to use a secured service to access rather than manage a VPN and then have to make sure users' home PCs are secured up.

(external links removed GlennD 12/15/22)

 

GlennD
GoTo Manager

Re: 11/30/22 Security Incident

Hi,

 

Mentioning competitors is one thing, but links will be removed. 

 

Glenn is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!.

Free new user and admin training
cvillard1
Active Contributor

Re: 11/30/22 Security Incident

Sorry about that @GlennD, understood. I was answering the question but I do realize this isn't really the place. I would have removed those at your request, but thank you for letting me know.

etb
Active Contributor

Re: 11/30/22 Security Incident

Hello,

 

Has the investigation been completed yet as it would relate to LogMeIn Central?  Has GoTo commented on what they found in coordination with Mandiant, and what steps were taken accordingly (as it relates to Central)?

 

I did see the blog update on 12/22/22 for LastPass (link), but I think that really only discussed LastPass specifically.  I am not currently a LastPass customer, but we are a longtime LogMeIn Central customer, and I was sent the email notification of the "security incident" on 11/30/22.

 

 

Thanks,

etb

JoJoKopp
Active Contributor

Re: 11/30/22 Security Incident

I have been wondering the same thing.  Without any update we have stopped using LogMeIn and yet are still paying for the service.  Are we going to get credits for not being able to use it? 

 

We have been told that it is up and functioning, but they will not tell me that it is secure.  The LastPass update revealed that the breach is worse than it was originally thought, so them telling me the service is up and functioning without a guarantee of security leads me to believe credits should be given.

 

Joann

etb
Active Contributor

Re: 11/30/22 Security Incident

For anyone who hasn't seen it yet, I just received the following in an email from GoTo.  I haven't totally digested it yet, but it sounds like password changes are being forced (which is most likely a good thing).

 

 

Dear Customer,

I am writing to update you on our ongoing investigation about the security incident we told you about in November 2022.

Our investigation to date has determined that a threat actor exfiltrated encrypted backups related to Central and Pro from a third-party cloud storage facility. In addition, we have evidence that a threat actor also exfiltrated an encryption key for a portion of the encrypted data. However, as part of our security protocols, we salt and hash Central and Pro account passwords. This provides an additional layer of security within the encrypted backups.

 

Recommended Actions
Out of an abundance of caution, we are resetting your Central or Pro password. If you use Multi-Factor Authentication to sign into your account, you may be prompted to update your Multi-Factor Authentication settings during this process.

As an additional step to protect you, your account will automatically be migrated to GoTo’s enhanced Identity Management Platform as part of your password reset. This platform provides additional security for your users with more robust authentication and login-based security options, including enhanced controls, stronger password requirements, and a Single Sign-On option to access multiple GoTo (formerly LogMeIn) products. Note: all users who have reset their password since December 12 have already migrated to the new platform and do not need to take this action. Additional guidance can be found here for Central and Pro.

 

What information was affected
The information in the affected backups includes your Central and Pro account usernames and salted and hashed passwords. It also includes your deployment and provisioning information, One-To-Many scripts (Central only), some Multi-Factor Authentication information, licensing and purchasing data such as user emails, phone numbers, billing addresses, and the last four digits of credit card numbers (we do not store full credit card or bank details).

Based on our investigation to date, we continue to believe that the threat actor did not have access to GoTo’s production systems. Furthermore, Central and Pro's peer-to-peer technology and end-to-end encryption provide security against interception and eavesdropping of data transferred during remote sessions. Your session data in transit is always protected by Transport Layer Security (TLS) 1.2.

While the investigation is ongoing, we wanted to provide this important update to you, and recommend clear and actionable steps in response to what we have learned. We are committed to protecting you, your information, and the security of our products and will continue to update you. If you have any additional questions, please contact customer support.

Paddy Srinivasan
CEO, GoTo (formerly LogMeIn)

 

(Minor edit made to include the resource links in the original email. Please note if you did not receive the email no action is required - GlennD)

 

HappyHippo
Active Contributor

Re: 11/30/22 Security Incident

Were the One2Many attached files also accessed (registry files, MSI, etc..)? We need to know this. Need further clarity please.

GlennD
GoTo Manager

Re: 11/30/22 Security Incident

Hi @HappyHippo,

 

Please give our toll-free support a call and they can assist you with any specifics. 

 

Glenn is a member of the GoTo Community Care Team.
