OneLogin’s chief security officer Alvaro Hoyos has written a brief blog post confirming the unauthorised access to OneLogin data in the US region. He also stated that all the affected customers have been informed about the incidence.
Alvaro Hoyos also said that the company has been able to stop the unauthorised access of customer data and block the hackers breach. Moreover, the company is working with the law enforcement for further steps.
The blog post by the company initially did not mention that there was a serious breach of sensitive customer data. However, in the emails sent to the customers, they have mentioned that the hackers were able to steal sensitive customer data.
The email sent to the customers clarifies that all the customers who were connected to the US data centre are all affected by this security breach.
The company said that the attack took place at 2 a.m. Pacific Standard Time. However, the staff was unable to realise it for some seven hours. Later when the unusual activity was caught by the staff they quickly shut down the affected instance in the system.
The company said that hackers were able to access database tables that contained the information about users, apps and several types of keys.
Although the company has been able to encrypt certain sensitive data, it could not rule out the possibility of the hackers ability to decrypt the data of the customer. However, the company has not released any information as to which data has been encrypted or decrypted.
The users on the Twitter have raised questions with regards to the company’s security capabilities. As according to one Twitter user it is disturbing to see that hackers were able to decrypt the data via breach.
The company has issued advisory for the customers to change their passwords and generate new API keys for their services. Moreover, developers need to generate new OAuth tokens to create new security certificates. The company has been unable to answer as of now, the number of customers who have been directly affected by this security breach.
The company is going through a second breach. The first one taking place last year in August. The company then had said that it’s Secure Notes services were accessed by an unauthorised user. However, it denied that any customer data was stolen. It seems there is a lot of hacker activity going on around the world right now from Russian’s hacking into Trump campaign to Zomato profile’s being hacked.