| Rich Kulawiec on 2 Jun 2017 07:08:11 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| [PLUG] Password manager OneLogin hacked |
Recall the discussion about LastPass six months ago? On Mon, Jan 09, 2017 at 07:53:05AM -0500, Rich Kulawiec wrote: > On Sat, Jan 07, 2017 at 09:46:21PM -0500, Tim Allen wrote: > > I've been using LastPass for a while, and am dreading the day when they > > inevitably get hacked and I have to change all my passwords. > > You *should* dread that day, especially if it's already history. And -- quite predictably -- we now have this: Password manager OneLogin hacked, exposing sensitive customer data http://www.zdnet.com/article/onelogin-hit-by-data-breached-exposing-sensitive-customer-data/ Of course we only know about the hacks that operators care to report, which is a subset of the set they know about, which is a subset of the set their employees know about, which is a subset of the set that has happened, which is a subset of the set that has and will happen. It's only a matter of time. And each of those will raise interesting questions like this one (from the article cited above): "Am I the only 1 to find it disturbing OneLogin had a decryption method for customer data accessible enough to be grabbed via breach?" said one user on Twitter. Using any of these is clearly unprofessional, irresponsible, and negligent. ---rsk ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug