Business
Hackers stole customer access tokens from Okta’s support unit, admits firm
San Francisco, Oct 21
Identity and access company Okta has identified “adversarial activity†that leveraged access to a stolen credential to access Okta's support case management system.
The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases, admitted Okta chief security officer David Bradbury.
“It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted,†he mentioned in a blog post late on Friday.
All customers who were impacted in the security breach have been notified by the company.
Okta provides companies with access and identity tools, such as “single sign-onâ€. It has more than 18,000 customers with more than 7,000 integrations.
Bradbury said that Okta support will ask customers to upload an HTTP Archive (HAR) file, which allows for troubleshooting of issues by replicating browser activity.
“HAR files can also contain sensitive data, including cookies and session tokens, that malicious actors can use to impersonate valid users. Okta has worked with impacted customers to investigate, and has taken measures to protect our customers, including the revocation of embedded session tokens,†he informed.
Security firm BeyondTrust, which uses Okta, said that it notified the company of a potential breach on October 2 after it detected an attempted compromise to its network.
The incident began when BeyondTrust security teams detected an attacker trying to access an in-house Okta administrator account using a valid session cookie stolen from Okta’s support system.
“BeyondTrust’s own Identity Security Insights tool alerted the team of the attack, and they were able to block all access and verify that that attacker did not gain access to any systems,†said the company.
Okta is recommending its customers to sanitise all credentials and cookies/session tokens within a HAR file before sharing it.
12 hours ago
Vietnam boat accident: TN govt extends full support to victims and families
12 hours ago
Kerala couple among 15 Indians killed in Vietnam boat tragedy
13 hours ago
FIFA WC: 'Haaland is unstoppable in the box,' says Vieri ahead of Norway vs England quarterfinal
13 hours ago
FIFA WC: When and where to watch Argentina vs Switzerland, know all details
15 hours ago
Boat carrying Indian tourists capsizes in Vietnam, several killed
18 hours ago
Courtroom drama was on Kajal Aggarwal’s radar for a long time
18 hours ago
Television actor Rohit Chandel arrested for allegedly stalking, harassing a minor
18 hours ago
Matt Damon wants to collaborate with Shekhar Kapur
18 hours ago
India ranks 1st in milk production, 2nd in mobile, 3rd in auto globally: PM Modi in New Zealand
18 hours ago
Onion prices jump in Chennai as Maharashtra supply drops, traders warn of further rise
18 hours ago
FSSAI slaps Swiggy Instamart with 9 notices following consumer complaints
18 hours ago
Sabarimala Tantri designate opts out, cites ill health
18 hours ago
Correct script, pronunciation: Centre issues fresh guidelines for National Song, National Anthem
