<img src="https://secure.leadforensics.com/32105.png" style="display:none;">

US Security Firm Breached - Hacker Finds 'Secure Data' Stored in Clear Text

U.S-Security-Firm-Breached.jpg

It’s been reported there has been a security breach at one of our competitors, OneLogin, where a hacker has been able to access customer 'Secure Notes'.

The purpose of this blog is to reassure our customers their data is not at risk of a breach from a similar attack vector.

What is Believed to have Happened?

In a statement released by OneLogin, they stated a hacker managed to obtain the credentials belonging to an internal administrator. Using these credentials the hacker logged into their servers and accessed their system logs. It transpired these logs contained clear text copies of customers' secure notes data.

As a precautionary measure they reset all passwords for external systems. You can find a link to their blog article here.

As a My1Login Customer, Does My Data Face the Same Risk?

No. Unlike OneLogin, My1Login performs full client-side encryption of sensitive data such as usernames, passwords and secure notes. This means that clear text copies of your information are never sent to our servers and therefore cannot leak out to log files, database tables, etc.

My1Login's full client-side encryption ensures that even our staff cannot access your sensitive information, as it is encrypted within your environment before it is sent to the My1Login servers. This segregation of encryption keys and encrypted data is key to securing your sensitive data.

If you have any questions or would like further information, please contact your account manager or contact one of our Identity Experts.

Back to Blog

Related Articles

My1Login has been named a finalist for IAM in two Awards

My1Login has been named a finalist for its Identity and Access Management solution at both the Computing Security Awards and the Computing Security Excellence...

My1Login Approved as UK Government Supplier on G-Cloud 13 Framework

We are delighted to announce that My1Login has been approved as a G-Cloud 13 supplier – the UK Government procurement framework for public-sector bodies.The G-Cloud...

My1Login Wins Best Identity Management Solution 2022

My1Login wins Best Identity Management Solution at the SC Awards Europe 2022!