Password manager OneLogin suffers malicious data hack
“The threat actor was able to access database tables that contain information about users, apps, and various types of keys,” OneLogin said in a statement.
The attack occurred on May 31 around 2am PST (09:00 GMT), according to OneLogin. Staff were not aware of the breach until seven hours later, at 9am PST, and it was shut down within minutes.
"All customers served by our US data centre" are potentially vulnerable, according to an email reportedly sent to customers. The email allegedly states that OneLogin cannot reveal additional information on the attack as it is being investigated by law enforcement agencies.
“We cannot rule out the possibility that the threat actor also obtained the ability to decrypt data. We are thus erring on the side of caution and recommending actions our customers should take,” it said, advising customers to take a number of steps, including resetting passwords and generating new security certificates.
"Hey @OneLogin you shouldn't have the security article behind OneLogin. Kind of hard to trust it right now. Make it publicly accessible!" — Erik Gomez (@Contains_ENG), June 1, 2017
In 2013 the company announced it had reached a user base of 12 million, including 700 corporate customers.
The service allows users to access multiple apps and sites using a single sign-on. Services integrated into OneLogin include Dropbox, Amazon Web Services, Office 365, Salesforce, SharePoint, Slack and Zendesk.