If you use OneLogin to keep all your, well, login information straight, it’s time to change your password, as the password manager’s U.S. data centers are at the center of the latest hack attack.
OneLogin revealed the breach in a blog post Wednesday, noting that it detected unauthorized access to information stored in its U.S. data region.
The company, which allows users to access multiple web application, sites and services with one password, says that it is working with law enforcement and an independent security firm to determine how the access occurred and to verify the extent of the impact.
So far, the company has not provided information on how many people were affected by the breach, what information was exposed, or how hackers gained access to the data systems.
However, ZDNet reports that OneLogin revealed in an email that sensitive customer data was affected.
“OneLogin believes that all customers served by our US data center are affected and customer data was potentially compromised,” the email to ZDNet states.
The company says in its announcement that it has contacted affected users. ZDNet obtained the email notification to users, reporting that the company warned that hackers may be able to decrypt stored encrypted data.
For this reason, customers were advised to change their passwords, generate new API keys for their services, and create new tokens used for logging into accounts.