Welcome to WebmasterWorld Guest from 54.196.42.8

Forum Moderators: open

Message Too Old, No Replies

OneLogin Password Manager Hacked

     
4:18 pm on Jun 2, 2017 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:25465
votes: 742


I'm sure a lot of us use password managers to help keep track of the huge number of passwords we've all got to manage.

This story about OneLogin being hacked is somewhat worrisome as it's now reported that the ability to decrypt encrypted data.
I'm sure, if you have an account there that OneLogin will already have been in touch. If not, oh dear, you'd better get onto it.

"OneLogin believes that all customers served by our US data center are affected and customer data was potentially compromised,"
Later in the day, the company said in an update: "Our review has shown that a threat actor obtained access to a set of [Amazon Web Services, or AWS] keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the US." OneLogin Password Manager Hacked [zdnet.com]
9:57 pm on June 2, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12303
votes: 801


OneLogin shifting focus to the hackers by saying "hackers have 'the ability to decrypt encrypted data'" is suspect to their accountability in protecting their users' sensitive data.
"Our review has shown that a threat actor obtained access to a set of [Amazon Web Services, or AWS] keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the US."
So they're *not* saying TLS v1.2 is hackable or that data security hashing is unsecure, only that their data was hackable. So it's their failure... that's what's important IMO.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members