March 11, 2024 at 04:17PM
Okta denies leaked company data from October 2023 cyberattack. The breach impacted customer support system users, including stolen credentials allowing attackers to access cookies and authentication. A threat actor claimed to release an Okta Database containing 3,800 customer records. Okta confirms the data does not belong to them, likely from public internet sources. KELA analysis corroborates the data is from a different company breach in July.
From the meeting notes, the key takeaways are:
1. Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum.
2. The incident involving Okta’s support system being breached by hackers using stolen credentials impacted all users of the customer support system.
3. The leaked data claimed to be from Okta actually consists of information from a different company breached in July, not from Okta’s October 2023 security incident.
4. Okta’s IT team conducted a thorough investigation and found no evidence of a breach.
5. Cyber-intelligence firm KELA confirmed that the data shared does not belong to Okta but is believed to be from a different company breached in July.
These takeaways provide a clear understanding of the situation regarding the alleged data leak and Okta’s denial of involvement.