Hacked or OneLogin using Office365, Slack, Twitter, Google and so on

The SSO company that had the password manager (Password ) OneLogin παραβιάστηκε από !

In a brief post on their blog, the company's chief security officer, Alvaro Hoyos, said he had "detected unauthorized access to OneLogin data on US servers."OneLogin

The blog post does not contain any more information or technical details about the incident, and fails to report whether the hackers have intercepted sensitive customer data of the company, which refers only to the email sent to the company by e-mail to its customers , according to ZDNet.

"OneLogin believes that all customers served by the US data center are affected and customer data may have been leaked," the email said.

Hackers, on the other hand, have the ability to decrypt the encrypted data, reports one υποστήριξης της εταιρείας, που πρόσβαση έχουν μόνο οι πελάτες της OneLogin (ένα of the publication there is in pastebin).

The company advises its customers to change their passwords, generate new API keys for their services, and generate new OAuth tokens that they use to σε λογαριασμούς τους. Αναφέρει ακόμα ότι θα πρέπει να δημιουργήσουν νέα πιστοποιητικά ασφαλείας. Η εταιρεία ανέφερε επίσης ότι οι πληροφορίες που αποθηκεύονται στη λειτουργία Notes, used by IT administrators to store sensitive network passwords, can be decrypted.

Of course, questions remain about how hackers managed to gain access to such sensitive data, and why it can be decrypted.

OneLogin allows corporate users to access many web applications, websites and services with a single password. It is believed that the company has millions of users and serves more than 2.000 companies in dozens of countries, according to CrunchBase.

The company provides seamless connectivity to hundreds of different third-party applications and services, including Amazon Web Services, Microsoft Office 365, LinkedIn, Slack, Twitter, and Google υπηρεσίες.

iGuRu.gr The Best Technology Site in Greecefgns

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).