Okta reports stolen source code

Share post:

Okta, the access management and identity provider, said that an attacker gained illegal entry to its private GitHub repositories and replicated some of its source code. It had earlier begun notifying customers via email of an incident in which an unidentified party stole the company’s source code.

This is the second security incident of the year. The most recent came to life when Okta was notified by GitHub in early December of possible suspicious access to its online code repositories. Okta determined after an investigation that someone had used that access to copy over its source code but had not gained unauthorized access to its identity and access management systems.

“Our investigation concluded that there was no unauthorized access to the Okta service, and no unauthorized access to customer data,” company officials said in a statement. “Okta does not rely on the confidentiality of its source code for the security of its services. The Okta service remains fully operational and secure.”

According to the statement, the copied source code only applies to the Okta Workforce Identity Cloud and not to any Auth0 products used with the company’s Customer Identity Cloud. Okta officials also stated that after learning of the breach, they temporarily restricted access to the company’s GitHub repositories and suspended GitHub integrations with third-party apps.

The sources for this piece include an article in BleepingComputer.

Featured Tech Jobs



Related articles

Kaspersky uncovers malware targeting iPhones running iOS 15.7 and below

Kaspersky has uncovered a sophisticated malware campaign specifically designed to infect iPhones running up to iOS 15.7 through...

WordPress fixes critical Jetpack plugin vulnerability

WordPress has addressed a critical flaw discovered in the Jetpack plugin, which had the potential to enable authors...

Akamai discovers Dark Frost botnet exploiting gaming platforms

Akamai's security intelligence response team recently has alerted the general public of Dark Frost, a botnet that has...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways