Author Topic: PSA: OneLogin Breached. (Read 4228 times)

wraith808 · « **on:** June 01, 2017, 04:07 PM »

Single sign-on provider OneLogin has experienced a breach. If you or your company uses OneLogin to sign in to applications, or if you use any of their other services, you need to be aware of this and may need to take several actions immediately.

In the past 24 hours, OneLogin sent out the following notice about a security incident:

“On Wednesday, May 31, 2017, we detected that there was unauthorized access to OneLogin data in our US data region. All customers served by our US data center are affected; customer data was compromised, including the ability to decrypt encrypted data. We have since blocked this unauthorized access, reported the matter to law enforcement, and are working with an independent security firm to assess how the unauthorized access happened and to verify the extent of the impact. We want our customers to know that the trust they have placed in us is paramount, and we have therefore created a set of required actions.”

(More at link on Wordfence)

Stoic Joker · « **Reply #1 on:** June 02, 2017, 06:44 AM »

O_o ...Why would they even have the ability to decrypt someone's data on the server side in the first place ... Isn't that supposed to be a no-no?

wraith808 · « **Reply #2 on:** June 02, 2017, 07:53 AM »

O_o ...Why would they even have the ability to decrypt someone's data on the server side in the first place ... Isn't that supposed to be a no-no?
-Stoic Joker (June 02, 2017, 06:44 AM)

It seems like it would be, especially for a SSO service. I'm sure if queried, they would have some sort of BS answer.

Deozaan · « **Reply #3 on:** June 02, 2017, 02:21 PM »

So... I don't use OneLogin, as far as I'm aware. I never even heard of it before this. But maybe some sites I use use it?

Is there a list of affected sites I need to check?

wraith808 · « **Reply #4 on:** June 02, 2017, 04:40 PM »

So... I don't use OneLogin, as far as I'm aware. I never even heard of it before this. But maybe some sites I use use it?

Is there a list of affected sites I need to check?
-Deozaan (June 02, 2017, 02:21 PM)

That's a good question. OneLogin is an SSO provider that bridges the logins between multiple sites- usually businesses and such. Like, I know my company uses it to bridge between a lot of different disparate services, so we don't have to continue to login. But I don't know what SSO provider they use.

For personal use not in a corporate environment, I don't know of anything that I use that uses SSO. But it's hard to tell, for example my bank interfaces with turbotax and quicken and another bank. I presume that's done through SSO, as I had to set up the link. But what do they use? Beats the hell out of me.

Tuxman · « **Reply #5 on:** June 03, 2017, 09:14 AM »

Oh, wait - you mean, it's not a great idea to store your passwords on other people's computers?

Author Topic: PSA: OneLogin Breached. (Read 4228 times)

wraith808

PSA: OneLogin Breached.

Stoic Joker

Re: PSA: OneLogin Breached.

wraith808

Re: PSA: OneLogin Breached.

Deozaan

Re: PSA: OneLogin Breached.

wraith808

Re: PSA: OneLogin Breached.

Tuxman

Re: PSA: OneLogin Breached.