On January 25th, 2021, GoTo, a remote access company, disclosed that some of its customer cloud backups were stolen, along with the decryption key. This was due to a third-party cloud storage provider that failed to properly secure customer data.
GoTo's announcement stated that they believe customer data was accessed by an unnamed third party. While the customer data was encrypted, the encryption key was also stolen which allowed the third party to decrypt the data. GoTo stated that the customer data included company IP addresses, user names, encrypted passwords, and messages sent to their customers.
GoTo urged its customers to take the appropriate security measures to protect their data from potential threats. They recommended all users to change passwords, review activity logs, and be wary of any suspicious activity.
At this time, Sophos is unable to determine the extent of the attack or the number of affected users. However, the company recommends monitoring company accounts and reviewing security practices to ensure proper security for all customers.
Sophos suggests taking proactive steps to secure customer data, by investing in secure cloud storage, testing backups, and monitoring them regularly.
The company also suggests implementing multi-factor authentication on cloud storage and review access logs to identify any suspicious activity. Other measures could include stronger passwords, monitoring third-party systems, and running regular scans of the data stored in the cloud.
GoTo is continuing to investigate this incident and working closely with its customers to secure their data against any external threats. This unfortunate event is a warning to all cloud users to ensure their data is securely backed up and closely monitored.
This Cyber News was published on nakedsecurity.sophos.com. Publication date: Thu, 26 Jan 2023 15:58:02 +0000