UPDATED 16:16 EDT / NOVEMBER 03 2023

SECURITY

Okta reveals hackers accessed 134 customers’ data in support system breach

Okta Inc. today disclosed that hackers had stolen 134 of its customers’ data, and launched cyberattacks against five, following a breach of its technical support system.

Nasdaq-listed Okta provides a cloud platform that companies use to process login requests to their applications. The platform also eases related tasks such as managing user account data. Okta generated $556 million in revenue last quarter, 23% more than the same time a year earlier.

The data theft the company detailed this morning occurred during a breach that first came to its attention in late September. Okta disclosed the incident on Oct. 20, but didn’t share detailed information about its cause or scope. In a blog post published this morning, Okta Chief Security Officer David Bradbury shared an overview of the breach.

The company first caught wind of the hack when customer AgileBits Inc., the developer of the popular 1Password password manager, reported suspicious activity to its support team. Over the following days, two more customers filed similar reports. Okta investigated the matter and determined that hackers had breached a system it relies on to process users’ technical support tickets.

Before their access was blocked, the cybercriminals accessed 134 customers’ information. According to Okta, the stolen data included a number of session tokens that have so far been used to launch cyberattacks against five of its customers.

A session token is a file in which an application keeps information about user activity. If hackers steal such files, they can in some cases use them to log into legitimate users’ application accounts. One Okta customer, cybersecurity company BeyondTrust Inc., reported that hackers had created an administrator account in its network using a stolen session token but failed to access any internal workloads.

Okta determined that the hackers gained access to its support system through a compromised service account. The associated username and password were saved to a personal Google account by an employee, which may have set the stage for the cyberattack. “The most likely avenue for exposure of this credential is the compromise of the employee’s personal Google account or personal device,” Bradbury detailed in today’s blog post.

In response to the breach, Okta has rolled out a policy that blocks employees from logging into their corporate computers using personal Google accounts. The company also upgraded the breach detection mechanism in its support ticket system. For added measure, Okta is rolling out a new feature for customers of its platform that will make their administrator accounts more secure.

The breach detailed today is one of several cybersecurity incidents the company has experienced over the past two years. Earlier this week, Okta disclosed that cybercriminals had stolen data belonging to nearly 5,000 of its employees after hacking an external supplier. Previously, the company disclosed a breach that affected several of its internal GitHub repositories. 

Photo: Okta

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.