Okta Breach Widens to Affect 100% of Customer Base
Early disclosures related to September compromise insisted less than 1% of Okta customers were impacted; now, the company says it was all of them.
Identity access management vendor Okta has released an update following an investigation into a hack this fall on its systems, revising the number of impacted customers up from less than 1% to a staggering 100%.
A blog post dated Nov. 29 from Okta chief security officer David Bradbury explained that an analysis of a breach from September revealed that an unauthorized user was able to run a report on Sept. 28 containing data on every user of Okta's customer support system, which leaked the following data: company name, contact information, user name, role description, and a "collection of other data." This type of information could be useful to threat actors in launching social engineering attacks, like the ones that leveraged Okta to breach MGM Resorts and Caesars Entertainment.
Read the Full Article on Dark Reading
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022