Earlier today Identity Management company OneLogin reported a breach of its data-center located in the United States, putting 12,000,000 people at risk.
Reports indicate that peoples passwords, notes, private certificates, API keys and tokens, as well as the decrypted private data of customers could be at risk.
OneLogin claims to offer users secure access to their cloud and company apps on any device. The company is asking users to change the passwords of all accounts stored on it's platform, as well as revoking and regenerating all the keys and certificates.
This isn’t the first breach OneLogin has faced, they reported a public breach last August, when some of their customers' private data was hacked.
The problem here is that because all of users data is stored in OneLogin cloud, when they get compromised the way that they did today, all the accounts get compromised. This is a huge problem because it requires a full reset of all accounts, keys, and certificates that every single company uses.
We hope that OneLogin will be able to quickly determine the extent of the hack and remedy the situation.
At Myki, we are working on a safer alternative that decentralizes password certificates and keys across users devices instead of storing them in the cloud.
For more information visit: https://myki.co/portal
For now, change the passwords of all of your accounts and make sure that you do not use the same password across any services.
We will keep you updated on any further developments!
Check out our latest episode: Was British Airways Hacked?
Subscribe to our YouTube Channel for the latest in Cyber Security and Hacking news
The Myki Emergency Report is brought to you by the Myki Password Manager Team.