OneLogin Breach Shows Alarming Potential For Hackers To Decrypt Customer Data

Sometimes it feels as though nothing is safe from the prying eyes (and digital crowbars) of dedicated hackers. Single sign-on provider OneLogin has found this out the hard way, as its systems were breached this week, potentially exposing customer data.

"We detected unauthorized access to OneLogin data in our US data region," OneLogin disclosed in a blog posting this week. "We have since blocked this unauthorized access, reported the matter to law enforcement, and are working with an independent security firm to determine how the unauthorized access happened and verify the extent of the impact of this incident."

This initial notice was frustratingly lacking in detail, and customers were left to assume the worst with regard to the severity of the attack. However, OneLogin has since updated its blog posting with more details, including the unfortunate news that hackers were able to gain access to the company's AWS keys.

The hackers were then able to use those keys to "access the AWS API from an intermediate host with another, smaller service provider in the US." The company reports that the intrusion began at 2AM on May 31st, but it wasn't until seven hours later that OneLogin staff detected any anomalies and were able to cut off access. That is a lengthy window for the "threat actors" to have had access to the company's database tables.
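The detection gap described above (stolen keys used from an unfamiliar host for seven hours before anyone noticed) is the kind of thing a simple baseline check over API audit logs can surface early. The following is an added example, not code from the HotHardware article or from OneLogin: it scans a constructed list of records loosely modelled on AWS CloudTrail fields (eventTime, eventName, sourceIPAddress, accessKeyId; real CloudTrail nests the key id under userIdentity), flags calls where an access key is used from an address outside its assumed baseline, and reports how long that activity ran before access was revoked. The timestamps, IP addresses, key id and the KNOWN_SOURCES baseline are all invented for the example; the 2AM-to-9AM interval mirrors the timeline the article gives.

```python
from datetime import datetime, timezone

# Constructed sample log, loosely modelled on CloudTrail record fields.
# Times, key id and IPs are invented; 203.0.113.0/24 and 198.51.100.0/24
# are documentation address ranges, not real hosts.
EVENTS = [
    {"eventTime": "2017-05-31T01:55:00Z", "eventName": "DescribeInstances",
     "sourceIPAddress": "203.0.113.10", "accessKeyId": "AKIAEXAMPLEKEY"},
    {"eventTime": "2017-05-31T02:00:00Z", "eventName": "ListTables",
     "sourceIPAddress": "198.51.100.7", "accessKeyId": "AKIAEXAMPLEKEY"},
    {"eventTime": "2017-05-31T02:03:00Z", "eventName": "Scan",
     "sourceIPAddress": "198.51.100.7", "accessKeyId": "AKIAEXAMPLEKEY"},
    {"eventTime": "2017-05-31T04:30:00Z", "eventName": "GetObject",
     "sourceIPAddress": "198.51.100.7", "accessKeyId": "AKIAEXAMPLEKEY"},
    {"eventTime": "2017-05-31T05:00:00Z", "eventName": "DescribeInstances",
     "sourceIPAddress": "203.0.113.10", "accessKeyId": "AKIAEXAMPLEKEY"},
]

# Assumed baseline: the source addresses each key is expected to be used
# from. In practice this is learned from prior weeks of logs or taken from
# the host/CI job that legitimately owns the key.
KNOWN_SOURCES = {"AKIAEXAMPLEKEY": {"203.0.113.10"}}


def parse_time(ts):
    """Parse a CloudTrail-style UTC timestamp into an aware datetime."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def find_unexpected_calls(events, known_sources):
    """Return events (in time order) whose key was used from an address
    outside that key's baseline. A key with no baseline at all is treated
    as unexpected everywhere, so unknown keys are never silently allowed."""
    hits = []
    for ev in sorted(events, key=lambda e: parse_time(e["eventTime"])):
        allowed = known_sources.get(ev["accessKeyId"], set())
        if ev["sourceIPAddress"] not in allowed:
            hits.append(ev)
    return hits


def summarize(hits):
    """Group flagged calls by (key, source IP) into
    (first seen, last seen, call count, list of API names)."""
    summary = {}
    for ev in hits:
        k = (ev["accessKeyId"], ev["sourceIPAddress"])
        t = parse_time(ev["eventTime"])
        first, last, n, names = summary.get(k, (t, t, 0, []))
        summary[k] = (min(first, t), max(last, t), n + 1, names + [ev["eventName"]])
    return summary


def hours_undetected(hits, revoked_at):
    """Hours between the first flagged call and the time access was cut off."""
    if not hits:
        return 0.0
    first = min(parse_time(e["eventTime"]) for e in hits)
    return (parse_time(revoked_at) - first).total_seconds() / 3600


if __name__ == "__main__":
    hits = find_unexpected_calls(EVENTS, KNOWN_SOURCES)
    for (key, ip), (first, last, n, names) in summarize(hits).items():
        print(f"{key} used from {ip}: {n} calls {first:%H:%M}-{last:%H:%M}Z -> {names}")
    # Constructed revocation time, seven hours after the first flagged call.
    print(f"hours before access was revoked: {hours_undetected(hits, '2017-05-31T09:00:00Z'):.1f}")
```

Run as a script it prints the one offending (key, source) pair with its three calls and a 7.0-hour exposure. The useful part for a defender is that the check is per key, not per account: an IAM access key that suddenly appears from a new network is a strong signal even when the calls themselves look routine, and alerting on it the first time rather than after a batch review is what closes a multi-hour window like the one reported here.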

OneLogin also provided this rather dour warning:

While we encrypt certain sensitive data at rest, at this time we cannot rule out the possibility that the threat actor also obtained the ability to decrypt data. We are thus erring on the side of caution and recommending actions our customers should take, which we have already communicated to our customers.

Those actions of course include resetting passwords, generating new API keys and creating new security certificates.

It is reported that OneLogin provides services to over 2,000 companies (including Yelp, Midas, Pinterest, Pacific Life, The Carlyle Group, Conde Nast, and Pandora) and has millions of individual users. OneLogin allows users to integrate with services like Amazon Web Services, Office 365 and the Google ecosystem.

Brandon Hill

Brandon received his first PC, an IBM Aptiva 310, in 1994 and hasn’t looked back since. He cut his teeth on computer building/repair working at a mom and pop computer shop as a plucky teen in the mid 90s and went on to join AnandTech as the Senior News Editor in 1999. Brandon would later help to form DailyTech where he served as Editor-in-Chief from 2008 until 2014. Brandon is a tech geek at heart, and family members always know where to turn when they need free tech support. When he isn’t writing about the tech hardware or studying up on the latest in mobile gadgets, you’ll find him browsing forums that cater to his long-running passion: automobiles.

Opinions and content posted by HotHardware contributors are their own.