Cybersecurity Alert: OneLogin Data Breach Exposes Ability to Decrypt Data

June 1, 2017

Threat Summary

OneLogin, a password management platform, suffered a security breach that comprised customer data in the U.S. data region. Intruders were able to decrypt the encrypted data, exposing over 12 million users and 700 business customers. OneLogin reports that they've blocked the unauthorized access, reported the breach to law enforcement, and are investigating the cause of the breach.

For more information, see OneLogin's blog:

ACA Aponix Guidance

ACA Aponix recommends taking the following precautionary measures:

  • OneLogin users should immediately change all credentials stored within the platform, including their OneLogin master password, and ensure that multi-factor authentication is enabled for logging into OneLogin. Recycle any data in shared notes within OneLogin, if used.
  • Leverage multi-factor authentication on all sites when possible to prevent credential breaches.
  • Generate new certificates for any SAML integrations.
  • Force password resets via the administration management pages for all users.
  • Generate new directory tokens, if used.

If you have any questions, please contact your ACA Aponix consultant or email us at