November 4, 2023 at 05:24AM Identity and authentication management provider, Okta, reported a recent data breach that affected 134 out of its 18,400 customers. The breach occurred from September 28 to October 17, 2023, and resulted in unauthorized access to session tokens. The company revealed that 5 customers had their legitimate Okta sessions hijacked. Okta … Read more
November 3, 2023 at 03:42PM Threat actors breached Okta’s customer support system, stealing files related to 134 customers. Five specific customers, including BeyondTrust, 1Password, and Cloudflare, were targeted with the stolen data. The breach was due to compromised employee credentials on a personal device. Okta has revoked the affected session tokens and implemented measures to … Read more
October 23, 2023 at 06:40PM Hackers breached the Okta support case management system, impacting 1Password. No user data from 1Password was compromised, but the breach involved an IT employee’s stolen session cookie. The threat actor attempted to manipulate authentication flows and gain unauthorized access. Okta confirmed the breach and both companies have taken steps to … Read more
October 21, 2023 at 05:09AM Identity services provider Okta disclosed a security incident where threat actors used stolen credentials to access its support case management system. Okta confirmed that customer data in the support system was compromised, but its production Okta service was not affected. The breach has also impacted customers Cloudflare and BeyondTrust. This … Read more
October 20, 2023 at 05:48PM Hackers breached Okta’s support case management system and accessed sensitive data that can be used for identity impersonation. The stolen data includes cookies and session tokens, which can be used for further attacks. Okta has taken steps to protect its customers, but recommends sanitizing credentials and tokens before sharing them. … Read more
October 20, 2023 at 02:48PM Attackers breached Okta’s support management system using stolen credentials, gaining access to files containing cookies and session tokens uploaded by customers. The incident did not impact the production Okta service or the Auth0/CIC case management system. Okta notified affected customers and advised all customers to sanitize their HAR files to … Read more