The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop. The username and password of the service account had been saved into the employee’s personal Google account,” David Bradbury, Chief … More
The post Okta breach post mortem reveals weaknesses exploited by attackers appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: