OneLogin Discloses Data Breach

June 1, 2017, Written By Bill Hardekopf

Password management platform OneLogin has disclosed a data breach.

The company said it discovered “unauthorized access” to customer data. They are working with a private security firm and law enforcement to investigate the breach.

“Today we detected unauthorized access to OneLogin data in our US data region,” Alvaro Hoyos, the company’s chief information security officer, wrote on OneLogin’s blog. “We have since blocked this unauthorized access, reported the matter to law enforcement, and are working with an independent security firm to determine how the unauthorized access happened and verify the extent of the impact of this incident.”

While the disclosure offered few details about the extent of the breach, an email notification published by Motherboard indicates that not only was user information compromised, but the hackers may also have gained “the ability to decrypt encrypted data.”

The OneLogin platform allows users to access multiple cloud-based applications and website using a single sign-on. Some of the websites integrated with the service include Amazon Web Services, Cisco Webex, Google Analytics, LinkedIn, Microsoft Office 365 and Slack.

The company has taken a number of steps to help secure user data, including:

  • forcing users to reset their passwords
  • generating new security credentials and certificates for websites and apps
  • Changing secrets stored in the company’s secure notes.

While the company said the breach is limited to the United States, they serve over 2,000 business customers in 44 countries.



The information contained within this article was accurate as of June 1, 2017. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About Bill Hardekopf

Bill Hardekopf is the CEO of LowCards.com and covers the credit card industry from all perspectives. Bill has been involved with personal finance for over 15 years. He is a frequent contributor to Forbes, The Street and The Christian Science Monitor.
View all posts by Bill Hardekopf