Rising Tide of Software Supply Chain Attacks: An Urgent Problem

September 12, 2024 at 10:08AM Software supply chain attacks have become a major concern, with a 180% surge in vulnerability-based breaches in 2023. High-profile attacks like SolarWinds and Okta highlight the significant impact and lingering liabilities. Understanding and mitigating these attacks is crucial, involving processes such as SSCS and continuous code scanning to secure software … Read more

Okta says data leaked on hacking forum not from its systems

March 11, 2024 at 04:17PM Okta denies leaked company data from October 2023 cyberattack. The breach impacted customer support system users, including stolen credentials allowing attackers to access cookies and authentication. A threat actor claimed to release an Okta Database containing 3,800 customer records. Okta confirms the data does not belong to them, likely from … Read more

Okta Breach Widens to Affect 100% of Customer Base

November 30, 2023 at 05:56PM Okta updated the impact of its September hack from less than 1% to all customers, revealing the potential for heightened phishing risks due to leaked user data. Despite this, Okta reported a 20% revenue increase and remains optimistic about its identity platforms. However, some are observing a market shift away … Read more

Okta data breach dilemma dwarfs earlier estimates

November 29, 2023 at 04:35PM Okta’s October support system breach impacted all customer accounts, far more than the initial 134 reported. Although mostly names and emails were accessed, the risk of phishing is heightened. Okta urges customers to use multi-factor authentication. The scale of the breach was realized after additional analysis and the discovery of … Read more

Okta Broadens Scope of Data Breach: All Customer Support Users Affected

November 29, 2023 at 10:54AM Hackers accessed Okta’s support system and obtained names and email addresses of all customer support users, broadening the scope of the October breach. Initially thought to affect only 134 customers, the intrusion actually compromised data from all Okta WIC and CIS customers, except those in high-security government environments. No sensitive … Read more

Okta: October data breach affects all customer support system users

November 29, 2023 at 08:32AM Okta’s customer support system was breached, affecting all support system users and exposing names, emails, and other details. Less than 1% of customers had session tokens stolen. Okta advises all users, especially unsecured admins, to implement multi-factor authentication and increase vigilance against phishing. No credentials were exposed. Previous attacks included … Read more

Okta Discloses Broader Impact Linked to October 2023 Support System Breach

November 29, 2023 at 01:54AM Okta disclosed further activity related to their October 2023 breach, revealing that names and emails of customer support system users were downloaded. Affecting most customers except those using separate support systems, Okta took precautionary steps and is aiding an investigation by digital forensics. The attacker’s identity is unknown, but Scattered … Read more

Okta breach affected 134 orgs, ‘or less than 1%’ of customers, company admits

November 6, 2023 at 09:11AM Okta has confirmed that its October breach resulted in the compromise of files belonging to 134 customers, which is less than 1 percent of their customer base. Among the affected customers are 1Password, BeyondTrust, and Cloudflare. The breach involved an employee signing into their personal Google account on a company-managed … Read more

Okta’s Recent Customer Support Data Breach Impacted 134 Customers

November 4, 2023 at 05:24AM Identity and authentication management provider, Okta, reported a recent data breach that affected 134 out of its 18,400 customers. The breach occurred from September 28 to October 17, 2023, and resulted in unauthorized access to session tokens. The company revealed that 5 customers had their legitimate Okta sessions hijacked. Okta … Read more

Okta Customer Support Breach Exposed Data on 134 Companies

November 3, 2023 at 03:42PM Threat actors breached Okta’s customer support system, stealing files related to 134 customers. Five specific customers, including BeyondTrust, 1Password, and Cloudflare, were targeted with the stolen data. The breach was due to compromised employee credentials on a personal device. Okta has revoked the affected session tokens and implemented measures to … Read more