Okta Hack: Threat Actors Stolen all Customer Data

In a pivotal update to the Okta security incident divulged in October 2023, Okta Security has unearthed additional intricacies surrounding the unauthorized intrusion into its customer support system. This revelation holds profound implications for the security of Okta's clientele, particularly those immersed in the Workforce Identity Cloud and Customer Identity Solution products. The investigation highlighted that the threat actor not only infiltrated the customer support system but also appropriated a report containing all users' names and email addresses. This report, compiled on September 28, 2023, comprised an exhaustive list of customer support system users, excluding those within the FedRamp High and DoD IL4 environments, operating on a distinct, unaffected support system. StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices. The downloaded report encompassed a spectrum of information for each affected user, from creation dates to time zones. While most fields were void of sensitive personal data, including full names and email addresses, it elevated the risk of phishing and social engineering attacks targeting Okta customers. In response to the breach, Okta strongly advocates for implementing multi-factor authentication for administrators-an indispensable security measure transcending conventional password protection. Okta recommends phishing-resistant authenticators, such as Okta Verify FastPass, FIDO2 WebAuthn, or PIV/CAC Smart Cards, to fortify this layer of defense. Beyond MFA, Okta proposes additional measures to enhance security, encompassing admin session binding, admin session timeout, and a heightened focus on phishing awareness. These measures aim to fortify Okta's security infrastructure and shield users from potential threats. Okta reaffirms its commitment to customer security, pledging continuous evaluation and implementation of enhanced security measures. The company's proactive stance underscores its dedication to safeguarding customer data and preempting future breaches. Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 30 Nov 2023 21:55:08 +0000


Cyber News related to Okta Hack: Threat Actors Stolen all Customer Data

Okta: Breach Affected All Customer Support Users - When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of ...
1 year ago Krebsonsecurity.com
Using Falco to Create Custom Identity Detections - Recent months have witnessed a surge in attacks targeting popular identity providers like Okta, underscoring the critical need for timely and effective detection capabilities. Open-source Falco offers a Dedicated plugin for the Okta identity ...
11 months ago Feeds.dzone.com
Okta Breach Widens to Affect 100% of Customer Base - Thus, Okta is warning all of its customers to be prepared for similar phishing and social engineering cyber-scams. "Given that names and email addresses were downloaded, we assess that there is an increased risk of phishing and social engineering ...
1 year ago Darkreading.com
5,000 Okta employees' data accessed in a third-party breach The Register - Updated Okta has sent out breach notifications to almost 5,000 current and former employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical ...
1 year ago Theregister.com
Okta Hack: Threat Actors Stolen all Customer Data - In a pivotal update to the Okta security incident divulged in October 2023, Okta Security has unearthed additional intricacies surrounding the unauthorized intrusion into its customer support system. This revelation holds profound implications for ...
1 year ago Cybersecuritynews.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
Okta says data leaked on hacking forum not from its systems - Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum. Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single ...
8 months ago Bleepingcomputer.com
OneLogin vs. Okta: Which IAM Solution Is Better? - OneLogin and Okta are two industry-leading identity and access management platforms used to secure user access to corporate resources and manage information about user identity. OneLogin and Okta are enterprise-grade IAM platforms offering security ...
8 months ago Techrepublic.com
Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
9 months ago Microsoft.com
Okta Admits All Customer Support Users Impacted By Breach - Okta has revealed that an October security breach compromised all users of its customer support system rather than a small subset as previously thought. CSO David Bradbury said last month that only 134 customers were impacted after a threat actor ...
1 year ago Infosecurity-magazine.com
Okta warns of credential stuffing attacks targeting its CORS feature - Okta warns that a Customer Identity Cloud feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. Okta is a leading identity and access management company providing cloud-based ...
6 months ago Bleepingcomputer.com
Adobe Real-Time CDP: Personalized Customer Experience - Adobe Experience Cloud Products like Adobe Real-Time CDP are available to assist. A revolutionary solution called Adobe Real-Time Customer Data Platform was created to assist companies in realizing the whole value of their customer data. Adobe ...
11 months ago Hackread.com
Cloudflare discloses breach related to stolen Okta data - Last fall, Cloudflare announced it mitigated an attempted cyberattack stemming from the infamous Okta breach. Cloudflare disclosed in a blog post that it had been breached by an unnamed nation-state threat actor using an access token and three ...
10 months ago Techtarget.com
CVE-2021-42016 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago
E-commerce Security: Protecting Customer Data - In today's digital landscape, ensuring the security of customer data in e-commerce is a crucial concern for businesses. Protecting e-commerce data security is a complex task that requires a comprehensive understanding of the challenges faced by ...
10 months ago Securityzap.com
Cloudflare publishes details of Thanksgiving security breach The Register - Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October. In a write-up on Thursday, CEO Matthew Prince, CTO John ...
10 months ago Go.theregister.com
CVE-2021-42017 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
11 months ago Feeds.fortinet.com
Ticketmaster confirms massive breach after stolen data for sale online - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
6 months ago Bleepingcomputer.com
Operation Morpheus took down 593 Cobalt Strike servers used by threat actors - Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers. Threat actors may have exploited a zero-day in older iPhones, Apple warns. Nation-state ...
4 months ago Securityaffairs.com
Review: Top 5 For Outsourced Customer Service Solutions UK and Abroad - For companies that have too many phone calls and emails to keep up, it is very common to outsource your customer services, either domestically in the UK or abroad to the likes of India or The Philippines. An outsourced customer service firm can ...
5 months ago Itsecurityguru.org
Live Nation finally confirms massive Ticketmaster data breach - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
6 months ago Bleepingcomputer.com
The Rise of Digital Customer Experience - Digital customer experience is a hot topic these days. In all seriousness, digital customer experience is one of the most important differentiators for your business. At its core, DCX is about the customer journey-a guided path for your customers to ...
11 months ago Feedpress.me
Threat actors misuse OAuth applications to automate financially driven attacks - Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious ...
11 months ago Microsoft.com
CVE-2021-37209 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)