Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum.
Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single Sign-On, multi-factor authentication, and API access management services are used by thousands of organizations worldwide.
In October 2023, Okta warned that its support system was breached by hackers using stolen credentials, allowing attackers to steal cookies and authentication for some customers.
After the internal investigation was completed in late November, it was revealed that the incident impacted all users of the customer support system.
That incident elevated the risk of breaches for multiple Okta clients, with a notable case being a subsequent compromise of one of Cloudflare's self-hosted Atlassian servers where the hackers employed access tokens stolen during the Okta breach.
On Saturday, a cybercriminal using the alias 'Ddarknotevil' claimed to be releasing an Okta Database containing information of 3,800 customers that was stolen during last year's breach.
The leaked data includes user IDs, full names, company names, office addresses, phone numbers, email addresses, positions/roles, and other information.
BleepingComputer contacted Okta over the weekend to ask if the claims are linked to the October incident or any other undisclosed breach.
Today, the company said that the data does not belong to them and appears to be from public information on the internet.
The Okta spokesperson also confirmed to BleepingComputer that the firm's IT team thoroughly investigated all systems over the weekend and found no evidence of a breach.
Cyber-intelligence firm KELA also reviewed the shared data and independently corroborated that the data does not belong to Okta but is believed to be from a different company breached in July.
KELA's analysis of the data and number of records confirmed that it's the same data as a July 2023 dump made by the threat actor 'IntelBroker,' who claimed to have stolen it from the National Defense Information Sharing and Analysis Center.
200,000 Facebook Marketplace user records leaked on hacking forum.
BreachForums hacking forum admin sentenced to 20 years supervised release.
US govt wants BreachForums admin sentenced to 15 years in prison.
Okta: October data breach affects all customer support system users.
FBI: U.S. lost record $12.5 billion to online crime in 2023.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 11 Mar 2024 20:20:11 +0000