Okta's Recent Customer Support Data Breach Impacted 134 Customers
Nov 04, 2023
Data Breach / Cyber Attack
Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers. It further noted that the unauthorized intruder gained access to its systems from September 28 to October 17, 2023, and ultimately accessed HAR files containing session tokens that could be used for session hijacking attacks. "The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers," Okta's Chief Security Officer, David Bradbury, said . Three of those affected include 1Password, BeyondTrust, and Cloudflare . 1Password was the first company to report suspicious activity on September 29. Two other unnamed customers were identified on October 12 and October 18. Okta formally revealed the security event on October 20, stating that the threat actor leveraged access to a stolen credential to access Okta's support case management system. Now, the