Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum.
Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single Sign-On (SSO), multi-factor authentication (MFA), and API access management services are used by thousands of organizations worldwide.
In October 2023, Okta warned that its support system was breached by hackers using stolen credentials, allowing attackers to steal cookies and authentication for some customers. After the internal investigation was completed in late November, it was revealed that the incident impacted all users of the customer support system.
That incident elevated the risk of breaches for multiple Okta clients, with a notable case being a subsequent compromise of one of Cloudflare's self-hosted Atlassian servers where the hackers employed access tokens stolen during the Okta breach.
On Saturday, a cybercriminal using the alias 'Ddarknotevil' claimed to be releasing an Okta Database containing information of 3,800 customers that was stolen during last year's breach.
"Today, I have uploaded the Okta database for you all, This Breach is being shared in behife @IntelBroker - [Cyber ] thanks for reading and enjoy!," a threat actor posted to a hacking forum."
"In September 2023, Okta, an IT service management company, suffered a data breach that led to the exposure of 3.8 thousand customer support users."
The leaked data includes user IDs, full names, company names, office addresses, phone numbers, email addresses, positions/roles, and other information.
BleepingComputer c ..
Support the originator by clicking the read the rest link below.
