Password Manager OneLogin Hit by Cyber Attack That Exposed Customer Information

Media Division | June 2, 2017

Passwords are a critical part of our overall online security. Hackers, however, have become more adept at cracking basic passwords, which is why many organizations require highly complex passwords with varying characters. With the large number of online accounts that people hold these days, remembering every individual password can be annoying. Some people use the same password, or variations of it, for everything to avoid forgetting it. Others resort to password managers, which hold all of their passwords and give them one-click access to several different services. But with all of those passwords in one place, a password manager can be a very lucrative target for cyber attackers, as the recent attack on OneLogin, a commonly used password manager, shows.

How the Breach Occurred

At first, OneLogin was quite tight-lipped regarding the incident. On Wednesday, the company said only that it had detected unauthorized access that compromised customer data and included the ability to decrypt encrypted information. It said that it was not releasing any further data while an investigation was underway, which involved the assistance of law enforcement and a private security firm. The company reached out to customers to inform them of the breach and said that it was working to improve security to prevent further incidents. On Friday, it released a further statement detailing the method of the breach: “Our review has shown that a threat actor obtained access to a set of AWS keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the US. Evidence shows the attack started on May 31, 2017, around 2 am PST. Through the AWS API, the actor created several instances in our infrastructure to do reconnaissance.” Upon discovering this activity, the company shut it down within minutes.

This attack has raised concerns about other cloud-based login services. These have become increasingly popular, and large numbers of people now use them. But with all of an individual’s credentials in one place, a breach like the one above puts a multitude of their accounts at risk. Services like this need much more comprehensive security to properly protect their customers.

A Focus on Advanced Security to Prevent Cyber Attacks

Cyber attacks are much more common than most would likely think; there seems to be a new significant attack or data breach almost every day. And yet far too many organizations are still negligent about their security. With data like the above, and much more, being held in the digital realm, organizations need to be more attentive to cyber security than ever. This includes meticulously combing systems and networks for vulnerabilities and implementing advanced security tools. Some organizations still rely purely on basic defensive methods, such as antivirus and firewalls. While these are vital as a defensive measure, there is also the matter of being proactive. Many modern threats can easily circumvent basic security methods, which makes it necessary to be able to predict and prevent them. Extant tools can provide this ability, but they need to be implemented and used. Massive Alliance’s wide arsenal of security tools can help an organization bolster itself and prevent cyber attacks.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.