Password managers are an important part of our online lives. While Apple’s Keychain works well enough if you live completely in their walled garden, the reality is most of us need a multi-platform solution. One of those options is OneLogin. And the company has revealed their systems were accessed by unauthorised parties this week.
Alvaro Hoyos, OneLogin’s CISO, said in a brief post that revealed nothing about how the breach occurred or how many users were affected, that the unauthorised access has been blocked, affected users have been notified and given instructions on what to do and that they’ve called the cops.
Breaches are a fact of life today. Any business that holds sensitive information is a target. So it’s hardly surprising that companies like OneLogin are being targetted. What remains to be seen is how well they react to this by keeping their customers informed, remediating the issue and updating their systems and processes to mitigate the risk of future attacks.
Are you a OneLogin user? Were you affected? How do you manage your passwords?
Comments
4 responses to “Have You Been Impacted By The OneLogin Breach?”
Do there exist any online password managers over 5 years old which haven’t been hacked?
lastpass may have been breached but all the passwords were still encrypted. i may be wrong though?
Lastpass was vulnerable to a bug. But no one could access anything since all data is encrypted and only the user can decrypt the data. Lastpass cannot access any of your data.
I couldn’t think of a more desirable honeypot to crack than online password managers. Don’t use them, won’t use them.