Security News > 2022 > December > Okta says its GitHub account hacked, source code stolen

Okta says its GitHub account hacked, source code stolen
2022-12-21 06:15

Okta, a leading provider of authentication services and Identity and Access Management solutions, says that its private GitHub source code repositories were hacked this month.

According to a 'confidential' email notification sent by Okta and seen by BleepingComputer, the security incident involves threat actors stealing Okta's source code.

Earlier this month, GitHub alerted Okta of suspicious access to Okta's code repositories, states the notification.

Despite stealing Okta's source code, attackers did not gain unauthorized access to the Okta service or customer data, says the company.

Okta's "HIPAA, FedRAMP or DoD customers" remain unaffected as the company "Does not rely on the confidentiality of its source code as a means to secure its services." As such, no customer action is needed.

We have since reviewed all recent access to Okta software repositories hosted by GitHub to understand the scope of the exposure, reviewed all recent commits to Okta software repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials.


News URL

https://www.bleepingcomputer.com/news/security/okta-says-its-github-account-hacked-source-code-stolen/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Github 12 2 45 29 19 95
Okta 8 1 4 5 0 10