November 3, 2023 at 10:53AM Okta recently disclosed that attackers gained unauthorized access to its customer support system from September 28 to October 17, 2023. Files belonging to 134 customers were compromised, and session hijacking attacks were carried out using stolen session tokens. The breach affected five customers, including 1Password, BeyondTrust, and Cloudflare. Okta took … Read more
November 3, 2023 at 10:24AM Okta recently revealed that attackers who breached their customer support system gained access to files belonging to 134 customers. Of those customers, five were targets of session hijacking attacks using stolen session tokens. Three of the affected customers, 1Password, BeyondTrust, and Cloudflare, reported the unauthorized activity after detecting login attempts … Read more
November 2, 2023 at 11:39AM Okta has notified approximately 5,000 employees that a file containing their personal information was stolen in a breach on one of their third-party vendors, Rightway Healthcare. The breach occurred on September 23, but was only discovered on October 12. Okta has found no evidence of the personal information being misused … Read more
November 2, 2023 at 11:11AM Cloud identity management provider Okta has warned around 5,000 current and former employees that their personal information may have been exposed in a data breach affecting healthcare coverage provider Rightway Healthcare. The breach, which occurred on September 23, 2023, compromised a file containing names, Social Security numbers, and health insurance … Read more
October 24, 2023 at 04:19PM Password manager 1Password is the second victim of Okta’s recent customer support breach. Okta, a cloud-based identity and access management service, suffered a cyberattack that compromised access to customer support systems, allowing the attacker to infiltrate some customers, including 1Password. Fortunately, no user or employee data was compromised. Okta has … Read more
October 24, 2023 at 11:21AM 1Password has confirmed that it was attacked by cyber criminals following a breach of Okta’s customer support portal. The attack was detected on September 29 and the company’s incident response team quickly engaged, finding a suspicious IP address and unauthorized access to the Okta instance. While no user data or … Read more
October 20, 2023 at 05:48PM Hackers breached Okta’s support case management system and accessed sensitive data that can be used for identity impersonation. The stolen data includes cookies and session tokens, which can be used for further attacks. Okta has taken steps to protect its customers, but recommends sanitizing credentials and tokens before sharing them. … Read more
October 20, 2023 at 02:48PM Attackers breached Okta’s support management system using stolen credentials, gaining access to files containing cookies and session tokens uploaded by customers. The incident did not impact the production Okta service or the Auth0/CIC case management system. Okta notified affected customers and advised all customers to sanitize their HAR files to … Read more