Okta customers’ data exposed in support system breach

Share post:

Okta has disclosed that hackers gained access to its customer support management system, exposing sensitive data belonging to some customers.

The company said the threat actors were able to view files uploaded by certain Okta customers as part of recent support cases. These files may have contained sensitive data, including cookies and session tokens, that could be used to impersonate valid users.

Okta said it has worked with affected customers to investigate the incident and has taken measures to protect its customers, including the revocation of embedded session tokens. The company also recommends that customers sanitize all credentials and cookies/session tokens within a HAR file before sharing it.

Okta did not disclose how the hackers stole the credentials to its support system or whether access to the compromised system was protected by two-factor authentication.

Security firm BeyondTrust said it alerted Okta to suspicious activity earlier this month after detecting an attacker using a valid authentication cookie trying to access one of BeyondTrust’s in-house Okta administrator accounts. BeyondTrust’s access policy controls stopped the attacker’s initial activity, but limitations in Okta’s security model allowed them to perform a few confined actions. BeyondTrust was eventually able to block all access.

BeyondTrust said it notified Okta of the incident, but did not receive a response for more than two weeks.

The sources for this piece include an article in ArsTechnica.

SUBSCRIBE NOW

Related articles

FBI rapidly hacks into Trump shooter’s phone, raises privacy concerns

Just two days after the attempted assassination at a Trump rally, the FBI announced it had gained access...

Disney investigating a potential major leak of internal communications

Disney is investigating a significant data breach by the hacking group Nullbulge, which claims to have accessed and...

Kaspersky to shut down its US business due to sanctions

Russian cybersecurity firm Kaspersky Lab announced it will cease its U.S. operations starting July 20, following sanctions from...

Google’s Gemini AI caught scanning private Google Drive documents without permission

Google's Gemini AI has come under fire for scanning private PDF documents in Google Drive without user consent....

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways