Identity management giant Okta has faced yet another security breach, sending its shares plummeting by nearly 12%.
Okta Inc. has found itself in the hot seat once again as it grapples with the aftermath of yet another security breach. This latest breach involved “adversarial activity” that exploited stolen credentials to access Okta’s support case management system.
The breach allowed unauthorized access to files uploaded by specific Okta customers.
While this system operates separately from the primary Okta service, the incident has raised concerns about the company’s security infrastructure.
The security fallout
Okta promptly informed affected customers and is actively collaborating with them to investigate the extent of the breach. However, the number of affected customers and the means by which the credentials were pilfered have not been disclosed.
Of particular note is BeyondTrust Corp., one of the impacted customers, which made an jarring revelation. They detected an identity-centric attack on an in-house Okta administrator account on October 2nd, 2023, and promptly alerted Okta.
Okta acted on the warning after over a week. Only on October 19th did Okta’s security leadership acknowledge the breach. It turns out that BeyondTrust is one of the victims.
Cloudflare Inc. has also come forward, pointing to Okta as the source of attacks they detected on October 18th. Cloudlfare managed to safeguard their customers after a quick response.
Not the first attack
This latest breach is not an isolated incident. Okta’s security has been in the spotlight before. In March 2022, the company was targeted by the Lapsus hacking group alongside Microsoft Corp., resulting in the theft of internal documents.
It was not disclosed until the breach became public, despite occurring in January. In December of the same year, Okta faced another data breach where source code repositories were accessed.
Experts have emphasised the importance of robust password management and multifactor authentication. They urge organizations to implement a multi-layered cybersecurity and cyber resilience program.
Okta users can strengthen their security measures by using strong passwords, multifactor authentication, and monitoring for suspicious activity.
This breach serves as a stark reminder of the need for cybersecurity diligence. It is a reminder not just for Okta but for any organization entrusted with sensitive data.