Home Cyber Attack OneLogin US data centers have been hacked!

OneLogin US data centers have been hacked!

by Unallocated Author

OneLogin stated Wednesday that its data centers in the US have been hacked.

Customers received this email from the company:
“OneLogin believes that all customers served by our US data center are affected and customer data was potential compromised,”

Password managers have increased in popularity since people try to keep up with the multiple different passwords they have for their online accounts.

Companies often asked users to create each password with at least 16 characters with various combinations of letters, numbers and things like asterisks and pound signs. Companies (password managers) work as a master key and save all that info, helping you to log in with encrypted passwords. Sadly, because they contain a user’s every password, managers are top targets for hacks.

OneLogin announced on Thursday clarified that the hacker was able to gain access to its systems using hacked Amazon Web Services (AWS) keys. The attacker used the stolen keys to reach the AWS API from an intermediate host with a several US-based service provider.

Alvaro Hoyos (chief information security officer at OneLogin) said:
“Through the AWS API, the actor created several instances in our infrastructure to do reconnaissance”

“While we encrypt certain sensitive data at rest, at this time we cannot rule out the possibility that the threat actor also obtained the ability to decrypt data. We are thus erring on the side of caution and recommending actions our customers should take, which we have already communicated to our customers,”

He also said that the investigation into the attackers behind the big breach is continuous.

You may also like