GoToMYPC attacked

Another remote access service is under attack, with Citrix's GoToMYPC running a system-wide password reset.

It's keeping details of the nature of the breach under wraps for now, but it looks to Vulture South like someone's either bulk-testing passwords on leaked lists, or taking a shot at man-in-the-middle. From the GoToMYPC announcement:

“Unfortunately, the GoToMYPC service has been targeted by a very sophisticated password attack. To protect you, the security team recommended that we reset all customer passwords immediately.

Effective immediately, you will be required to reset your GoToMYPC password before you can login again.”

The advisory gives the usual advice about password strength, overlooks telling users don't-reuse-passwords, and asks users to consider turning on two-factor authentication. ®