Okta: October Data Breach Impacts All Users Across Customer Support Systems


The latest investigation

Okta’s recent investigation into the October breach of its Help Center environment disclosed that the threat actors stole data belonging to all customer support system users. Okta said that the hackers also stole additional reports and support cases containing contact information for all certified Okta users.

“We have determined that the threat actor ran and downloaded a report that contained the names and email addresses of all Okta customer support system users. All Okta Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers are impacted except customers in our FedRamp High and DoD IL4 environments (these environments use a separate support system NOT accessed by the threat actor). The Auth0/CIC support case management system was also not impacted by this incident,” mentioned Okta.

Hackers gain unauthorized access

Early in November, the company announced that a threat actor had obtained unauthorized access to files within its customer support system, indicating a small data breach. 

Based on facts revealed at the time, the hacker acquired HAR files containing cookies and session tokens for 134 clients – fewer than 1% of the company’s customers – which might be used to disrupt legitimate users’ Okta sessions.

Let us take a deep dive into the incident 

A deeper look into

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
