Okta reports stolen source code

Share post:

Okta, the access management and identity provider, said that an attacker gained illegal entry to its private GitHub repositories and replicated some of its source code. It had earlier begun notifying customers via email of an incident in which an unidentified party stole the company’s source code.

This is the second security incident of the year. The most recent came to life when Okta was notified by GitHub in early December of possible suspicious access to its online code repositories. Okta determined after an investigation that someone had used that access to copy over its source code but had not gained unauthorized access to its identity and access management systems.

“Our investigation concluded that there was no unauthorized access to the Okta service, and no unauthorized access to customer data,” company officials said in a statement. “Okta does not rely on the confidentiality of its source code for the security of its services. The Okta service remains fully operational and secure.”

According to the statement, the copied source code only applies to the Okta Workforce Identity Cloud and not to any Auth0 products used with the company’s Customer Identity Cloud. Okta officials also stated that after learning of the breach, they temporarily restricted access to the company’s GitHub repositories and suspended GitHub integrations with third-party apps.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways