OneLogin, an identity and access management service that provides single sign-on to multiple websites and cloud applications, was broken into by hackers on Wednesday.
The company said that the hacker was “able to access database tables containing information about users, apps, and various types of keys. While we encrypt certain sensitive data at rest, at this time, we cannot rule out the possibility that the threat actor also obtained the ability to decrypt data.”
In other words, this isn't a simple data breach: it is a serious, scary-looking hack that raises unpleasant and worrisome questions about safe cloud usage.
In a blog post, OneLogin's chief information security officer, Alvaro Hoyos, said that an unauthorized person or persons gained access to the company's servers in the U.S. region. He explained that the attacker obtained a set of AWS keys and used them to access the AWS API (application programming interface) through another service provider. According to the blog post, the attack started on May 31, around 2 AM PST.
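The attack path described above, a set of valid AWS keys used against the AWS API from a host at another provider, is the kind of activity an account owner can spot in their own API audit logs. The following is an added illustration, not code from OneLogin or from the blog post: it assumes CloudTrail-style JSON records (eventSource, eventName, sourceIPAddress, userIdentity.accessKeyId) and a per-key allowlist of network ranges that the defender maintains. The events, key IDs, addresses and timestamps are all constructed samples.

```python
"""Flag AWS API calls made with a known access key from outside the network
ranges that key is expected to be used from, and raise the severity when the
call touches key or secret material (the "ability to decrypt data" concern).

Added example, not OneLogin's code. Assumes CloudTrail-shaped records and a
defender-maintained allowlist; every value below is a constructed sample.
"""
import ipaddress
import json

# Constructed: where each long-lived access key is legitimately used from.
EXPECTED_SOURCES = {
    "AKIAEXAMPLEKEY000001": [ipaddress.ip_network("203.0.113.0/24")],
}

# (eventSource, eventName) pairs that reach encryption keys or stored secrets.
SENSITIVE_ACTIONS = {
    ("kms.amazonaws.com", "Decrypt"),
    ("secretsmanager.amazonaws.com", "GetSecretValue"),
    ("rds.amazonaws.com", "CreateDBSnapshot"),
}

# Constructed CloudTrail-style log: one expected call, three from an address
# outside the allowlist (one of them a KMS Decrypt), and a console login.
SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventTime": "2017-05-31T09:05:12Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "sourceIPAddress": "203.0.113.17",
     "userIdentity": {"type": "IAMUser", "accessKeyId": "AKIAEXAMPLEKEY000001"}},
    {"eventTime": "2017-05-31T09:06:40Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "sourceIPAddress": "198.51.100.9",
     "userIdentity": {"type": "IAMUser", "accessKeyId": "AKIAEXAMPLEKEY000001"}},
    {"eventTime": "2017-05-31T09:07:03Z", "eventSource": "kms.amazonaws.com",
     "eventName": "Decrypt", "sourceIPAddress": "198.51.100.9",
     "userIdentity": {"type": "IAMUser", "accessKeyId": "AKIAEXAMPLEKEY000001"}},
    {"eventTime": "2017-05-31T09:08:30Z", "eventSource": "rds.amazonaws.com",
     "eventName": "DescribeDBInstances", "sourceIPAddress": "198.51.100.9",
     "userIdentity": {"type": "IAMUser", "accessKeyId": "AKIAEXAMPLEKEY000002"}},
    {"eventTime": "2017-05-31T09:09:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.17",
     "userIdentity": {"type": "IAMUser"}},
]})


def load_trail(text):
    """Parse a CloudTrail-style log file and return its list of records."""
    return json.loads(text)["Records"]


def audit_events(records, expected=EXPECTED_SOURCES):
    """Return one finding per API call that used an access key from an
    unexpected place. Severity is 'high' when the call touches keys or
    secrets, 'medium' otherwise, and 'unknown-key' when the key is not in
    the defender's inventory at all (every call with such a key is flagged)."""
    findings = []
    for ev in records:
        key = ev.get("userIdentity", {}).get("accessKeyId")
        if not key:
            continue  # console logins and the like carry no access key
        action = (ev.get("eventSource", ""), ev.get("eventName", ""))
        try:
            addr = ipaddress.ip_address(ev.get("sourceIPAddress", ""))
        except ValueError:
            addr = None  # AWS-internal callers appear as DNS names, not IPs
        if key not in expected:
            severity = "unknown-key"
        elif addr is not None and any(addr in net for net in expected[key]):
            continue  # used from where we expect it; nothing to report
        else:
            severity = "high" if action in SENSITIVE_ACTIONS else "medium"
        findings.append({
            "time": ev.get("eventTime"),
            "accessKeyId": key,
            "sourceIPAddress": ev.get("sourceIPAddress"),
            "action": ":".join(action),
            "severity": severity,
        })
    return findings


if __name__ == "__main__":
    for f in audit_events(load_trail(SAMPLE_TRAIL)):
        print(f"{f['time']} {f['severity']:11} {f['accessKeyId']} "
              f"{f['sourceIPAddress']} {f['action']}")
```

The allowlist is the weak point of this check: it only helps if every long-lived key is inventoried with its legitimate egress ranges, which is why the unknown-key finding is reported regardless of source address. Pairing the check with short-lived credentials reduces how long a leaked key stays usable in the first place.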
OneLogin’s investigation is still ongoing and is now aided by law enforcement as well as independent third-party security experts.
It's worth noting that despite the hack, some security experts say that using password managers is still safer than reusing the same password across multiple websites.
References:
OneLogin Blog (https://www.onelogin.com/blog/may-31-2017-security-incident)
Phys.org (https://phys.org/news/2017-06-hackers-centralized-password-onelogin.html)
Fortune (http://fortune.com/2017/06/02/onelogin-password-security-breach/)