“It’s a fair bet that whoever perpetrated this attack had help from huge email and password lists recently leaked online from older breaches at LinkedIn, MySpace and Tumblr to name a few,” said security expert Brian Krebs. This is a problem because many people reuse passwords on various sites, which leaves them open to being compromised through many routes once a single password is leaked from any source. Several services are beginning to feel the wrath of massive password dumps yielded from data breaches and hacks at other sites.
Citrix has also not confirmed or commented on whether its other GoTo services, like GoToMeeting and GoToAssist, have been affected. GoToMyPC has not confirmed how many accounts have been caught up in the password breaches. “Citrix can confirm the recent incident was a password re-use attack, where attackers used usernames and passwords leaked from other websites to access the accounts of GoToMyPC users,” said the company in a statement to users, which also came with advice on coming up with a stronger password and encourages everyone to use two-factor authentication.Īll affected accounts have been issued the mandatory password reset. Similar to recent issues for TeamViewer, another remote computer sharing software, GoToMyPC’s parent company Citrix believes that the root of the unauthorized access by attackers is due to a password dump. Remote computer access tool GoToMyPC has been hit by a “sophisticated password attack,” and all user passwords have been reset.