It’s getting harder to avoid the fact that your personal data on the Internet is just not safe any more. Following the recent rise in data breaches that have already hit companies like Yahoo, Dropbox, and Telegram, OneLogin now appears to be the latest to join the list: on Wednesday the company reported “unauthorised access to OneLogin data in our US data region.”
OneLogin, a password manager and single sign-on provider, reported a data breach but has been unclear as to the nature of the attack. The firm’s chief security officer Alvaro Hoyos said in a blog post that “a malicious actor had obtained access to our US operating region.” The company reportedly found that a threat actor had “obtained access to a set of Amazon Web Services (AWS) keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the US.”
The severity of the breach for consumers is not yet known, but the company has stated that the hack allowed the threat actor to access database tables that contain personal information about users, apps, and various types of keys. While the company maintains that it encrypts certain sensitive data, it didn’t rule out the possibility that the ‘malicious actor’ had the ability to decrypt it.
OneLogin updated the blog post saying that the staff was alerted about the attack at 9am PST (about seven hours after the attack started) and was “able to shut down the affected instance as well as the AWS keys that were used to create it.” Although the firm mentioned that it encrypts sensitive information, many were curious about how the attacker was then able to get access to data that could be decrypted.