JUST IN

[ April 19, 2024 ] Micron Will Receive $6.1 Billion to Build Semiconductor Plants Technology
[ April 19, 2024 ] Netflix Added More Than 9 Million Subscribers in First Quarter Technology
[ April 19, 2024 ] Stardew Valley creator casually flings 40 new mine layouts into latest patch Game News
[ April 18, 2024 ] Jack Black All But Confirms He’s Steve In The Minecraft Movie Game News
[ April 18, 2024 ] Cities Skylines 2 publisher refunds DLC and admits: “We let you down” Wii U

April 19, 2024

Okta confirms code breach, but says no customer data was harmed

December 22, 2022 admin Technology 0

Authentication giant Okta has now confirmed recent reports of a data breach affecting its internal code.

In a press release, the company repeated the points given in a confidential email shared with its security contacts – namely, that someone managed to gain access to the company’s GitHub repository, a breach of which Okta was notified in early December this year.

After investigating the matter, Okta concluded that someone copied the source code parked in the repository, and moved to secure its premises by placing temporary restrictions and suspending all GitHub integrations with third-party applications.

Okta Workforce Identity Cloud affected

Further investigation uncovered that Okta’s customers were not affected by the incident, including HIPAA, FedRAMP, and DoD customers, therefore, are not required to do anything. “Okta does not rely on the confidentiality of its source code for the security of its services,” the announcement reads. “The Okta service remains fully operational and secure.”

The breach pertains to Okta Workforce Identity Cloud (WIC) code repositories, the company confirmed, adding that it does not pertain to any Auth0 (Customer Identity Cloud) products.

Law enforcement agencies have been notified, the announcement concludes.

> > Okta confirms hundreds of customers could be affected by data breach

> Everything we know about Lapsus$ and Okta so far

> Check out the best endpoint protection services around

Commenting on the news, Raj Samani, SVP Chief Scientist at Rapid7, said a company's source code is quite valuable, and as such, important to cybercriminals.

“From our own research, we know that intellectual property is a popular target for threat actors with 12% of data disclosures between April 2020 and February 2022 containing it,” Samani said. “Stolen source code can be used to find hidden security vulnerabilities and launch further attacks on a business; therefore, it is crucial that such sensitive information is protected.”

This is not Okta’s first rodeo. In March, notorious extortion group Lapsus$ announced it had breached Okta’s administrative consoles and stolen customer data.

And in September, Auth0 (owned by Okta) reported a similar incident, when a “third-party individual” managed to steal old source code. The method was never established, so it isn't known if any malware was involved.

These are the best firewalls around

Source

9vq.net All About Games

Game News & Updates

Okta confirms code breach, but says no customer data was harmed

Okta Workforce Identity Cloud affected

Be the first to comment

Leave a Reply Cancel reply

Stardew Valley creator casually flings 40 new mine layouts into latest patch

Jack Black All But Confirms He’s Steve In The Minecraft Movie

Netflix confirms The Witcher Season 5 will be its last

Kingdom Come: Deliverance 2 announced

Baldur’s Gate 3 studio confirms two new projects: “Will be our best work ever”