Centralized password managment business OneLogin, which allows users to sign on to multiple apps and sites with just one password, has been breached. Targeting OneLogin’s US data center, the cyber attackers had the ability to decrypt encrypted data.
Customers are being directed to a registration site to learn what steps to take, including:
- forcing a password reset
- generating new security credentials and certificates for apps and sites
- recycling secrets stored in OneLogin’s secure notes