GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, Pro, join.me, Hamachi, and RemotelyAnywhere offerings. However, the attackers have also managed to grab an encryption key for a portion of the encrypted backups.
In early December, LastPass and its affiliate GoTo made public a security incident involving the third-party cloud storage service both companies use, as well as GoTo’s development environment. Four months before that, LastPass suffered a data breach and got portions of its source code and some proprietary technical information stolen.