Password management service OneLogin has sent out a shocker by admitting that it has "detected unauthorised access" to its data, which means details of its customers could be compromised.
"Today we detected unauthorised access to OneLogin data in our US data region. We have since blocked this unauthorised access, reported the matter to law enforcement, and are working with an independent security firm to determine how the unauthorised access happened and verify the extent of the impact of this incident," wrote Alvaro Hoyos, Chief Information Security Officer of OneLogin, in the company's blog.
However, it has now emerged that this was not just a case of "unauthorised access" to data but something much more severe than what is being highlighted on the blog. The Register has reported that, in its emails to customers, OneLogin has expressed its fear that customers' data has been compromised by the attack.
"All customers served by our US data centre are affected; customer data was compromised, including the ability to decrypt encrypted data," reads the description on the support page for the threat, according to The Register.
The Register went on to say that the support page for the incident lists the following steps for customers:
- Reset your password
- Generate new certificates for your apps that use SAML SSO
- Generate new API credentials and OAuth tokens
- Generate and apply new directory tokens for Active Directory Connectors and LDAP Directory Connectors
- Update the API or OAuth credentials you use to authenticate to third-party directories like G Suite (Google), Workday, Namely, and UltiPro
- Generate and apply new Desktop SSO tokens
- Recycle any secrets stored in Secure Notes
- Update the credentials you use to authenticate to third-party apps for provisioning
- Update the admin-configured login credentials for apps that use form-based authentication
- Have your end-users update their passwords for the form-based authentication apps that they can edit, including personal apps
- Replace your RADIUS shared secrets
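The list above is, in effect, a full credential-rotation inventory for an identity provider: every artifact the IdP held (passwords, SAML signing certificates, API and OAuth credentials, directory and Desktop SSO tokens, Secure Notes, provisioning and form-login credentials, RADIUS shared secrets) has to be assumed readable by the attacker and replaced. The following is an added example, not OneLogin's code or tooling, of how a defender can track that work: it takes an inventory of such artifacts with their last-rotation timestamps and reports everything that was not rotated after the moment the unauthorised access was blocked, since a secret rotated while the attacker was still inside may simply have been stolen again. The inventory, the field names, the kind labels and the cutoff timestamp are all constructed for this example (the article gives no precise times).

```python
"""Post-incident credential rotation audit (added example, not OneLogin's code).

Given an inventory of credential artifacts and the instant the unauthorised
access was cut off, report every artifact whose last rotation predates that
cutoff: it may have been exposed and is still in use.
"""
from collections import Counter
from datetime import datetime, timezone

# Rotation categories mirroring the support-page list (labels are assumptions).
ROTATE_KINDS = {
    "password", "saml_cert", "api_credential", "oauth_token",
    "directory_token", "desktop_sso_token", "secure_note",
    "provisioning_credential", "form_login", "radius_secret",
}

# Constructed sample inventory. 'rotated' is an ISO-8601 UTC timestamp, or
# None when the artifact has never been rotated since it was created.
INVENTORY = [
    {"id": "user:alice",    "kind": "password",        "rotated": "2017-06-02T08:00:00Z"},
    {"id": "app:crm-saml",  "kind": "saml_cert",       "rotated": "2016-11-10T00:00:00Z"},
    {"id": "api:ci-runner", "kind": "api_credential",  "rotated": "2017-05-20T12:00:00Z"},
    {"id": "dir:corp-ad",   "kind": "directory_token", "rotated": "2017-06-01T15:30:00Z"},
    {"id": "radius:vpn-gw", "kind": "radius_secret",   "rotated": "2015-03-01T00:00:00Z"},
    {"id": "note:db-admin", "kind": "secure_note",     "rotated": None},
]

# Constructed cutoff: the instant the unauthorised access was blocked. Anything
# rotated at or before this point could have been read while the attacker was in.
CUTOFF = "2017-06-01T12:00:00Z"


def parse_ts(value):
    """Parse a 'YYYY-MM-DDTHH:MM:SSZ' string into an aware UTC datetime."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def outstanding(inventory, cutoff):
    """Return artifacts that still need rotation, never-rotated ones first.

    An artifact is outstanding if it has never been rotated or its last
    rotation is at or before the cutoff. Entries of an unknown kind are
    reported as well (flagged classified=False), because an artifact nobody
    classified is exactly the one that gets forgotten during cleanup.
    """
    cut = parse_ts(cutoff)
    pending = []
    for item in inventory:
        last = parse_ts(item["rotated"]) if item["rotated"] else None
        if last is None or last <= cut:
            pending.append({**item, "classified": item["kind"] in ROTATE_KINDS})
    # Never-rotated artifacts (rotated is None) sort to the front, then oldest first.
    pending.sort(key=lambda i: (i["rotated"] is not None, i["rotated"] or ""))
    return pending


def summary(inventory, cutoff):
    """Count outstanding artifacts per kind, for a quick progress view."""
    return dict(Counter(i["kind"] for i in outstanding(inventory, cutoff)))


if __name__ == "__main__":
    for item in outstanding(INVENTORY, CUTOFF):
        print(f'{item["kind"]:18} {item["id"]:16} last rotated: {item["rotated"] or "never"}')
    print(summary(INVENTORY, CUTOFF))
```

Note the choice of cutoff: the point at which access was blocked, not the point at which the intrusion was detected or first began. A password changed the day the breach was noticed, but before the attacker was locked out, is still counted as outstanding, which is the conservative reading of "the ability to decrypt encrypted data" being compromised.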
Meanwhile, OneLogin has said that it has initiated an investigation into the matter and has "reached out to impacted customers with specific recommended remediation steps."