As part of GoTo's continuous efforts to improve security, we send out email alerts to notify our customers about login activities.

A failed login attempt notification from GoTo means that an attempt to log into your account was not successful. Receiving these emails may indicate an automated attempt to log in by using credentials obtained through 3rd party breaches. Failed attempts mean that you're probably following GoTo's best practices of regularly changing your password, using complex passwords and/or have used two- factor authentication to further secure your account.

We have found no evidence to suggest that there has been a breach of GoTo's systems. We are seeing an increased number of login attempts, likely from hackers testing reused passwords (taken from 3rd party breaches) to obtain access to your account.

To verify your account activity, please log in to your account, select your in the upper-right corner, and select Account Settings > Security > Audit log.

If the login attempt was you and it was just an incorrectly typed password, please consider using a password manager such as LastPass to help save and auto-fill your passwords for the future. If the login attempt was not you, we highly recommend that you follow the best practices below.

Please ensure that you have followed our recommended best practices on password complexity below and enabled two factor authentication where available. Additional online security best practices include:

• Never use the same password across different online services, applications and websites.
• Regularly change passwords for both your computers and your online accounts.
• Use a password manager.
• Always be vigilant to avoid phishing attempts. Here's a quick primer.
• Enable 2-step or 2-factor authentication on your online services and applications, if it is offered.