Okta Confirms Data Breach: Hackers Steal Information Of All Users, Prompting Security Concerns

US access and management company Okta confirmed that hackers have stolen information of all users from its customer support system in the recent data breach a month ago. In a security incident in October, attackers accessed its support case management system and gained access to the networks of Okta customers.

The San Francisco-based company notified that hackers have downloaded a report containing data, including names and email addresses of all its clients, as per the Reuters report.

In a blog spot on Wednesday, Okta Chief Security Officer David Bradbury said the company has since determined that all of its customers are affected by the breach.

Okta provides identity services such as single sign-on and multi-factor authentication to secure logins for online applications and websites to customers, including Microsoft-backed OpenAI.

Since Okta provides services to OpenAI, which has a large user base in India, in this backdrop, Sonit Jain - CEO, GajShield Infotech told Businessworld that attackers might misuse the stolen information to craft sophisticated phishing emails or messages, tricking users into providing additional sensitive information or login credentials.

These attacks could compromise further accounts or lead to malware installations. The exposed data could potentially be used to impersonate users, allowing cybercriminals to create fake accounts or conduct fraudulent activities in the user’s names. Personal information obtained from the breach, such as names, email addresses, might be exploited for spamming, targeted advertising, or sold on the dark web, he added.

This security lapse will have implications, as many companies, including the US visa application portal. Any vulnerabilities arising from this breach pose severe consequences for Okta and its extensive user base, said Vishal Prakash Shah, Founder and CEO, Synersoft.

To mitigate these threats, Jain said affected users should consider taking immediate action, such as changing passwords, enabling multi-factor authentication (MFA), staying vigilant against phishing attempts, monitoring financial accounts for any suspicious activities. Additionally, they should closely follow any guidance or notifications provided by Okta regarding the breach and take necessary steps to secure their accounts and personal information.

The identity of the threat actors behind the most recent breach of Okta’s systems is still yet known.

This is not the first time Okta is facing such incidents. Last year, in a similar attack, hackers stole the source code and shared the screenshots on the internet openly.