Password management service compromised in attack

People use password managers because they’re supposed to be safer than several alternatives, such as writing down passwords on a piece of paper or using the same one across multiple accounts.

But when those services become compromised, it serves as a harsh reminder that nothing is truly secure and everything has its risks.

Improperly secured network keys

OneLogin, an online password management site that oversees more than 2,000 accounts in 44 countries, recently had its United States clients exposed when a hacker bypassed its security and made off with database tables that contained encrypted data on enterprise apps and user info.

It’s unsure if the hacker was able to decrypt the data, but the unsettling threat is still present.

The hacker gained access using a set of Amazon Web Service keys. A OneLogin staffer saw irregular activity on the servers where the hacker had set up surveillance, and shut the attack down immediately.