Security News > 2022 > December > Hackers Breach Okta's GitHub Repositories, Steal Source Code

Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month.
The security event, which was first reported by Bleeping Computer, involved unidentified threat actors gaining access to the Okta Workforce Identity Cloud code repositories hosted on GitHub.
Upon discovering the lapse, Okta said it placed temporary restrictions on repository access and that it suspended all GitHub integrations with other third-party applications.
"Okta does not rely on the confidentiality of its source code for the security of its services," the company noted.
The alert comes nearly three months after Auth0, which Okta acquired in 2021, revealed a "Security event" pertaining to some of its code repository archives from 2020 and earlier.
Then in August 2022, Group-IB unearthed a campaign dubbed 0ktapus targeting a number of companies, including Twilio and Cloudflare, that was designed to steal users' Okta identity credentials and two-factor authentication codes.
News URL
https://thehackernews.com/2022/12/hackers-breach-oktas-github.html
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Orange Group confirms breach after hacker leaks company documents (source)
- Silk Typhoon hackers now target IT supply chains to breach networks (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- Oracle denies breach after hacker claims theft of 6 million data records (source)
- Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years (source)
- StreamElements discloses third-party data breach after hacker leaks data (source)