Turbotodd

Here’s a wake-up call for your Friday morning: Password manager OneLogin has been compromised.

ZDNet’s reporting that hackers now have the ability to decryp encrypted data and that all users served by US data centers are affected.

In a later update, OneLogin posted this:

“Our review has shown that a threat actor obtained access to a set of [Amazon Web Services, or AWS] keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the US.”
– via ZDNet

ZDNet goes on to indicate that OneLogin “has advised customers to change their passwords, generate new API keys for their services, and create new OAuth tokens — use for logging into accounts — as well as to create new security certificates.”

If you’d like to follow recent cyberattacks by month, visit the IBM X-Force tracker here.