OneLogin Security Incident
Incident Report for Apteligent

Over the past month we have investigated and found no evidence of intrusion in our system.

Here is a summary of the actions we performed immediately after we were notified of the incident by OneLogin:

  • We removed all apps from OneLogin
  • We changed the credentials of all users for all apps in OneLogin
  • We changed the credentials of all OneLogin users

Our direction prior to the incident was to migrate to VMware's Identity Manager solution. We will continue this work in the coming months.

Thank you for your attention and patience.

Posted about 2 months ago. Jul 06, 2017 - 13:09 PDT

Resolved
Incident is resolved. In an abundance of caution, we have reset all credentials for systems managed by OneLogin. Further, we have removed the trust relationship for all but one app from OneLogin, in preparation for an upcoming move to VMware's Identity Manager:

http://www.vmware.com/products/identity-manager.html

Over the next week, we will perform extended analysis of our systems with a view to detecting suspicious activity. We will post our findings here.
Posted 3 months ago. Jun 03, 2017 - 17:45 PDT
Monitoring
We have completed our audit of all low priority systems. As before, we have reset all credentials in these systems and removed them from OneLogin.

We will monitor the situation over the next few hours and update this page as necessary.
Posted 3 months ago. Jun 03, 2017 - 13:53 PDT
Update
We have performed an initial audit of the internal systems accessed through OneLogin and have found no sign of a breach. There is no disruption to our service; our platform and console are functioning normally.

At this time, OneLogin has not contacted us to let us know that our data was affected, per their initial incident post here:

https://www.onelogin.com/blog/may-31-2017-security-incident

As a precaution, however, we have:

* Reset all credentials in the internal systems we identified as high priority as a result of our audit.
* Removed these apps from the OneLogin system.

We will continue our investigation and post updates as we learn more.
Posted 3 months ago. Jun 03, 2017 - 00:15 PDT
Investigating
We were recently notified by OneLogin of a security breach of their platform in the US operating region. We use OneLogin to manage access to a number of internal systems. At this time we are evaluating the potential impact of the OneLogin breach and are taking all necessary steps to ensure our systems remain secure.

At Apteligent we take security seriously and are committed to open communication with our customers. We will post status updates here as more information is available.
Posted 3 months ago. Jun 02, 2017 - 19:34 PDT