Skip to main content

Hackers dug deep in the massive LastPass security breach

The cybersecurity breach that LastPass owner GoTo reported in November 2022 keeps getting worse as new details are revealed, calling into question the company’s transparency on this serious issue.

It has been two months since GoTo shared the alarming news that hackers stole the usernames, passwords, email addresses, phone numbers, IP addresses, and even billing information of LastPass users. In GoTo’s latest blog update, the company reported that several of its other products were compromised as well.

Recommended Videos

GoTo’s Central, Pro, join.me, Hamachi, and RemotelyAnywhere were all hacked and the encrypted databases with account usernames, salted and hashed passwords, Multi-Factor Authentication (MFA) settings, some product settings, and licensing information were accessed by hackers. Even if you don’t use LastPass, you might have made use of these services so this expands the number of people affected by the cyberattack.

Please enable Javascript to view this content

While the databases were encrypted, the encryption key was also stolen, making it a simple matter for anyone with the key to read all of this information. That provides plenty of fodder for future cybersecurity attacks in order to gain further access to the valuable personal and financial data of the users of these services.

Rescue and GoToMyPC encrypted databases were not affected, but the MFA settings of some customers were impacted. The only good news that GoTo shared in its latest update is a reminder that GoTo doesn’t store full credit card and bank details, date of birth, home address, or Social Security numbers. Even if your data is in the hands of hackers, they won’t be able to immediately drain your bank account or run up a big credit card bill.

That said, every little addition to hacker profiles makes it easier to gain access to critical data to unlock your most important accounts and steal your data and money. If you use any of the GoTo products and services mentioned above, it’s a good idea to take the time to change passwords and switch on two-factor authentication to secure your accounts.

Alan Truly
Alan Truly is a Writer at Digital Trends, covering computers, laptops, hardware, software, and accessories that stand out as…
Hackers targeted 1Password after Okta breach, but your logins are safe
A dark mystery hand typing on a laptop computer at night.

Security credentials like usernames and passwords are a tempting target for hackers, and even the best password managers can come under threat from time to time. That was the case recently with the popular password manager 1Password, which recently disclosed (via Bleeping Computer) that its Okta support system was breached by malicious hackers.

Fortunately, it doesn’t appear that any customer data was stolen, so if you use 1Password, your login info should be safe for now. However, it’s always good to regularly update your passwords (or use passkeys) just in case they fall into the wrong hands.

Read more
Hackers are using this incredibly sneaky trick to hide malware
A hacker typing on an Apple MacBook laptop, which shows code on its screen.

One of the most important things you can do to protect your online security is install one of the best password managers, but a recent cyberattack proves that you have to be careful even when doing that. Thanks to some sneaky malware hidden in Google Ads, you could end up with viruses riddling your PC.

The issue affects popular password manager KeePass -- or rather, it attempts to impersonate KeePass by using misleading Google Ads. First spotted by Malwarebytes, the nefarious link appears at the top of search results, meaning you’ll likely see it before the legitimate websites that follow beneath it.

Read more
This massive exploit lets hackers breach apps like Chrome, 1Password, and Telegram
A dark mystery hand typing on a laptop computer at night.

A massive security bug has just been discovered that affects WebP images used in untold numbers of websites and apps, and it could potentially let hackers break into your computer and extract data from it. In fact, Google has already seen it being actively exploited in the wild. Because of that, it’s essential that you patch your computer as soon as possible.

The discovery has been detailed by researcher Alex Ivanovs, who wrote about the bug in a blog post. Right now, it seems to affect almost all of the best web browsers, including Chrome, Firefox, Edge, and Brave. WebP images are used all over the web, meaning huge numbers of sites and apps could be affected.

Read more