Okta customers’ data exposed in support system breach

Share post:

Okta has disclosed that hackers gained access to its customer support management system, exposing sensitive data belonging to some customers.

The company said the threat actors were able to view files uploaded by certain Okta customers as part of recent support cases. These files may have contained sensitive data, including cookies and session tokens, that could be used to impersonate valid users.

Okta said it has worked with affected customers to investigate the incident and has taken measures to protect its customers, including the revocation of embedded session tokens. The company also recommends that customers sanitize all credentials and cookies/session tokens within a HAR file before sharing it.

Okta did not disclose how the hackers stole the credentials to its support system or whether access to the compromised system was protected by two-factor authentication.

Security firm BeyondTrust said it alerted Okta to suspicious activity earlier this month after detecting an attacker using a valid authentication cookie trying to access one of BeyondTrust’s in-house Okta administrator accounts. BeyondTrust’s access policy controls stopped the attacker’s initial activity, but limitations in Okta’s security model allowed them to perform a few confined actions. BeyondTrust was eventually able to block all access.

BeyondTrust said it notified Okta of the incident, but did not receive a response for more than two weeks.

The sources for this piece include an article in ArsTechnica.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways