The implicit promise of password management and single sign-on services like OneLogin is that they keep your credentials safe and private so you won’t have to worry about remembering them or writing them down somewhere insecure. As such, it isn’t uncommon for these services themselves to be become the target of malicious attacks in order to pilfer their customers’ data. It is somewhat rare, however, for such services fall victim to a very serious breach of security, like just what happened to OneLogin at the end of last month.
ORIGINAL SOURCE: slashgear.com
The post OneLogin attacker may have gotten ability to decrypt data appeared first on IT SECURITY GURU.
from OneLogin attacker may have gotten ability to decrypt data