Cyber crooks are back at it again, this time hacking into OneLogin, an online password manager that offers a single sign-on to multiple websites and services. In a statement posted by OneLogin, they mentioned that they could not dismiss the possibility that cyber criminals got keys to reading encrypted data, namely stored passwords.
Password managers such as OneLogin help users keep track of password for a growing assortment of websites and services that requires one. As opposed to recalling complex passwords for each one, users would only need to remember a master password. The password service would then unlock other accounts as needed. In 2015, rival company LastPass said they also experienced a breach where user information was accessed, though the company explained that no actual passwords were obtained. LastPass had encouraged users to change their master password.
Cyber security experts are all in agreeance that despite the possibility of a breach, it’s still better to use a password manager than using the same password for multiple sites. Since the breach, OneLogin has contacted impacted customers with specific recommended remediation steps to protect themselves.
For more information on OneLogin and securing your data, please contact Power Consulting Group, 212-647-0377.