Author Topic: OneLogin Affected by Data Breach, Attacker May Have Decrypted Data  (Read 58 times)

0 Members and 1 Guest are viewing this topic.

Offline Gilbert

  • Updates Moderator
  • *
  • Posts: 31720
OneLogin Affected by Data Breach, Attacker May Have Decrypted Data
« Reply #1 on: June 02, 2017, 11:15:50 AM »
OneLogin Affected by Data Breach, Attacker May Have Decrypted Data
2 June 2017, 11:07 am

Access manager service OneLogin has announced that it has suffered a massive data breach that affects all users of whose data was stored on the US servers, making for a rather nasty situation. 

"Our review has shown that a threat actor obtained access to a set of AWS keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the US," the announcement reads. It seems the attack started on May 31, 2017 around 2AM PST and was shut down around 9AM PST when the company's staff was alerted of unusual database activity. It only took them a few minutes to shut down the affected instance, as well as the keys that were used to create it. 

OneLogin states that the attacker was able to access database tables that contain info about users, apps, and various types of keys. 

The worst part is, however, that while this data ... (read more)

Source: Softpedia News / Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

 


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks