Okta Customer Data Exposed in Security Breach
Okta, a popular identity services provider, acknowledged a security breach that allowed bad actors to access its support case management system via stolen account credentials.
David Bradbury, chief security officer for Okta, commented the following: “The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases … It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted.”
Luckily, the company’s Auth0/CIC system was not a part of the breach. Okta has reached out to users affected by the security incident.
That said, the risk in this breach centers on the company’s HTTP Archive (HAR) files, which are used to simulate issues for troubleshooting. These files can potentially contain personal information, like cookies and session tokens, which bad actors could use to impersonate legitimate users. Attackers might have access to these files, so Okta is working with affected customers to revoke tokens for their security.
There are still questions about the breach, as Okta is keeping many details private. However, Okta told The Hacker News the breach affected 1% of its 18,400 users. We also know BeyondTrust and Cloudflare were targets in the attack: bad actors hijacked a session token from a Cloudflare employee’s support ticket and used it to break into Cloudflare systems on October 18. Two employees were compromised by bad actors, but no customer info was compromised.
BeyondTrust told Okta about the breach on October 2, but says the hackers may have had access until at least October 18.