OneLogin is a cloud-based password management and identity management software company that aims to provide a “make sure that all users, all devices are connected to each application” service.
The survey shows that all customers whose services are served in the US data center are affected and their data information is compromised. In addition, the stolen data also includes “the ability to decrypt encrypted data.” Currently, OneLogin has prevented unauthorized access and is actively working with law enforcement agencies and security companies to investigate the impact of this event.
OneLogin provides customers with the following list of operations to protect their data and minimize security risks:
○ Forcibly reset passwords for all customers ;
○ Generate new security
credentials , OAuth tokens, and certificates for applications and websites; o Recycle secret records stored in secret in OneLogin.
Security experts remind users to pay attention to the recent phishing e-mail, as this is usually the next step after the data is compromised by cybercriminals. Phishing is designed to steal users for more details.