Okta breach impacts all of its customers

Okta’s latest update on its recent data breach has revealed that all Okta Help Center customers had their details exposed. Previously, the company estimated that only around 1% were affected.

Major security technology provider Okta has released new details surrounding a data breach impacting its support system. According to David Bradbury, the company’s chief security officer (CSO), attackers obtained data on all Okta customer support users.

“We have determined that the threat actor ran and downloaded a report that contained the names and email addresses of all Okta customer support system users. All Okta Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers are impacted except customers in our FedRamp High and DoD IL4 environments,” Bradbury said in a statement.

The report that attackers stole from the company includes information such as username, email address, company name, address, last login, phone number, and other data types. However, Bradbury stated that “for 99.6% of users in the report, the only contact information recorded is full name and email address.”

“While we do not have direct knowledge or evidence that this information is being actively exploited, there is a possibility that the threat actor may use this information to target Okta customers via phishing or social engineering attacks,” Okta’s CSO said.

Worryingly, Okta customers sign in to the customer support system via the same account used for Okta.org, which prompted the company to reiterate that it’s critical that users employ multi-factor authentication (MFA) to avoid undesired attention from potential attackers.

“Given that names and email addresses were downloaded, we assess that there is an increased risk of phishing and social engineering attacks directed at these users. While 94% of Okta customers already require MFA for their administrators, we recommend ALL Okta customers employ MFA and consider the use of phishing-resistant authenticators to further enhance their security,” reads the statement.

Okta’s woes

Okta has suffered several data breaches over the past year. Earlier this month, it was revealed that the sensitive data of thousands of Okta’s employees was exposed through Rightway Healthcare, a third-party healthcare vendor it uses.

The IT service management company Cloudflare announced unauthorized access to its Okta instance on October 18th, while the password management company 1Password reported that it detected suspicious activity on its Okta instance on September 29th.

Back in December 2022, Okta’s private GitHub code repositories were hacked.

None of the incidents were reported to have compromised the sensitive information of Okta customers or any of the American technology companies.

Okta provides security technology for businesses, governments, and other organizations. Some of the largest Okta customers are Zoom, Sonos, Bain & Company, T-Mobile, Hewlett Packard and others.

More from Cybernews:

Google Drive files mysteriously disappearing, users report

In the age of AI, “authentic” is Merriam-Webster’s word of 2023

KidSecurity’s user data compromised after app failed to set password

China's ride-hailing giant Didi offers coupons to apologize for app glitch

Texas water utility claimed by ransom gang

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked