Image default
2018 Archive

OneLogin centralized password data breach, most of the customer information has been hacked


Software products selling company OneLogin facing problems in security data breach. The company claims the number of applications and clouds are the most secure way for the companies to buy OneLogin software and applications. On this Wednesday the news is confirmed by the company’s corporate blog.

OneLogin software’s users have to double click on the accounts from the company because the company already informed about the security breach. The customer information is stolen by this security hack in this week. The password manager have to create unique passwords so that to kick out the hackers to steal more data or any information.

According to the report, company overcome the unauthorized access from the US company. OneLogin fix out theproblem, but unfortunately most of the users’ information has been stolen. OneLogin explains the method of attack as:

“Our review has shown that a threat actor obtained access to a set of AWS keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the US. Evidence shows the attack started on May 31, 2017 around 2 am PST. Through the AWS API, the actor created several instances in our infrastructure to do reconnaissance. OneLogin staff was alerted of unusual database activity around 9 am PST and within minutes shut down the affected instance as well as the AWS keys that were used to create it.”

Worse time in the history of the OneLogin, even though the company has potential to encrypt the all information, but at that moment, hacker decrypts data.

The hacker has access to all information, application and access to different keys on the system. Since the company claimed that, a list of all affected customers had been made and the company tries to mitigate the loss. Lets see how much company mitigates all those users who have suffered by the information lost.


Related posts