OneLogin Password Manager Breached – Hackers Decode User’s Data

Are you using the OneLogin password manager? If so, it is the time to change your account passwords immediately.

Recently, a data breach has happened in the OneLogin, which is a software company that manages passwords.

The company stated that on Thursday “unauthorized access” has been detected in the United States data region.

The data breach is extensive said the company as the nature of the cyber-attack.

What was the issue? OneLogin serves the purpose of “securing connections across all users, devices, and applications,” but still the potential weaknesses in its service have not been revealed, and it’s a question as to how users’ data was exposed in the first place.

Alvaro Hoyos, OneLogin chief information security officer, described in a brief blog post-Wednesday night “that they detected in the US data region unauthorized access to OneLogin data.”

What type of Information has been leaked? What was stolen in the breach is still unclear, but it was found that customers of the company’s US data center have been affected, these particulars were stated in a post on a support page accessible to clients only.

The stolen data also has “the ability to decrypt encrypted data.” stated the company.

What are the measures taken by OneLogin? OneLogin is working with security forces and law enforcements to find out about the incident. Steps have also been taken to block unauthorized access to its data center.

Hoyos stated, ” Since the breach, we have blocked this unauthorized access, and we have reported the matter to law enforcement. Further, we are in the process of working with an independent security firm to track how such a thing happened to verify the extent of the results that will be generated by this incident,”.

“We are making plans to prevent such an incident from happening in the future.”

What Should you do at the moment? First and foremost, change all your account passwords that you have linked with OneLogin.

The company has also given a set of actions for the customers to protect themselves and reduce the risk in their data, some of them are:

• Resetting passwords of customers.
• Enabling new security credentials, and certificates for apps and websites.
• OneLogin’s secure notes to be recycled.

For further support, OneLogin customers can contact [email protected]., the company’s security.

Just after a breach, the next step of cyber criminals is to generate malicious emails, which will ask you to give details of bank info and passwords.

This breach has been the second data breach the company suffered within a year. The first one was in August 2016, where an unauthorized hacker an accessed one of the company’s standalone systems, used for “log storage and analytics.”

Blog Link : https://www.techzata.com/onelogin-password-manager-breached-hackers-decode-users-data/