Okta announced on Tuesday that hackers who breached its systems in October stole details about every user of the identity management service’s customer support platform, contradicting the company’s announcement in early November that only one percent of users were affected.
The stolen data includes the names and email addresses of every client in Okta’s customer support database, as well as details about some of the company’s own employees. Okta reportedly sent its clients a letter Tuesday, notifying them that they now face their own increased risks of hacking attacks thanks to the data breach. Okta customers (and everyone else on the planet) should make sure they have strong security measures in place including strong passwords and multi-factor authentication. Seriously, go check right now.
It’s painfully ironic news at a company where security and verifying people’s identities is the entire business model. Okta says it rolled out new security features and made recommendations for the next steps to its customers.
“While we do not have direct knowledge or evidence that this information is being actively exploited, we have notified all our customers that this file is an increased security risk of phishing and social engineering, pushed new security features to our platforms, and provided customers with specific recommendations to defend against potential targeted attacks against their Okta administrators,” said Okta spokesperson Jenny Grich.
Names and email addresses may not seem like much without the corresponding passwords, but leaking this data dramatically increases the risks of attacks. Hackers often target their marks by posing as coworkers and convincing victims to share confidential information or click on malicious links. Names and emails can also be paired with login credentials leaked in other breaches and used in password-stuffing attacks.
“We are working with a digital forensics firm to support our investigation and we will be sharing the report with customers upon completion,” Grich said. “In addition, we will also notify individuals that have had their information downloaded.”
On November 3rd, Okta said only 184 of the clients in its customer support system were affected by the October data breach. In a blog post on Wednesday, Okta’s Chief Security Officer David Bradbury said the company determined the real number is far higher, amounting to almost every customer that uses the company’s Okta Workforce Identity Cloud and Customer Identity Solution services.
This isn’t Okta’s first recent security disaster. In 2022, a hacking group called LAPSUS$ posted screenshots suggesting it gained administrator access to Okta’s systems. Police in London arrested a number of teenagers allegedly tied to the attack. At the time, Okta CEO Todd McKinnon vowed to restore trust in the company’s tainted brand.
The world’s most traveled crew transport spacecraft will launch again tonight
ANDREW PIERCE: Tory MPs are handed the profile of ‘Candidate X’ who could save the party from electoral catastrophe
Veteran investor picks ‘Glorious 10’ global stocks with 30% annual gains over the last 5 years
Kate Winslet Performs Terrible Karaoke as a World Leader in ‘The Regime’
Child deaths in Gaza likely to ‘rapidly increase’ amid obstacles to aid: UNICEF
Son Accused of Setting Mom’s House Ablaze to Cover Up Her Murder
Can Rogaine Help My Overplucked Eyebrows Grow Back?
The 18 Best Neck Creams in 2024
9 ‘Healthy’ Cooking Myths It’s Time to Let Go Of
Most-Shopped Celeb Picks This Month- Olivia Culpo and More
Why The Beatles’ ‘The Long and Winding Road’ Fails
Buffy Sainte-Marie Wrote an Elvis Presley Song
Meghan Markle Once used 1 Word to Describe Her First Interactions With Kate Middleton
Kate Middleton Had a Sassy 5-Word Response After Being Mistaken for Prince William’s Assistant
Robert F. Kennedy Jr.’s Microsoft-Powered Chatbot Just Disappeared
Travel18 hours ago
Queen Anne to Boast Elevated Retail Experience with New Luxury Brands
Travel18 hours ago
Riyadh Air Partners with Adobe to Deliver Personalized Global Travel Experiences
News17 hours ago
Jack the Ripper relics go up for auction and collectors show there’s money in mayhem
Travel19 hours ago
Four Seasons Invites Travellers to Explore Anew with Immersive Experiences
Sport18 hours ago
Georgina drops massive Ronaldo retirement bombshell after CR7 tribute dress
News18 hours ago
I’m 57-years-old and I’ve never had cosmetic surgery – but I tried a £350 ‘hair Botox’ treatment to de-frizz my locks and the results were instant
News17 hours ago
Up to Dh500,000 fine in UAE for misleading residents with false advertisements
News16 hours ago
Kim Kardashian wows in a figure-hugging black lace dress as she joins Serena Williams, braless Joan Smalls and Vittoria Ceretti at PFW’s Balenciaga show