GoTo, maker of the popular virtual meeting and desktop-sharing software, and its affiliate LastPass confirmed on Wednesday that their shared cloud-storage service was hit by unknown hackers.
Remote access company GoTo, previously known as LogMeIn, revealed that hackers breached their development environment and third-party cloud storage. The incident was discovered upon tracking unusual activity.
How it got breached?
According to LastPass, information taken during a prior security incident in August 2022 was used by unidentified attackers to breach its cloud storage.
LastPass said the threat actor used information from the August breach to carry out the latest hack. The company said it had notified the relevant law enforcement authorities.
Neither GoTo nor LastPass has identified the third-party cloud service provider that suffered the breach. Both companies expressed their commitment to protecting users and preventing any future attacks.
“As part of our efforts, we continue to deploy enhanced security measures and monitoring capabilities across our infrastructure to help detect and prevent further threat actor activity,” Toubba said.
In September, after it concluded its investigation into the August breach, LastPass confirmed the incident did not expose any user data.