Security News > 2023 > October > Okta says its support system was breached using stolen credentials
Okta says attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentials.
"The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases," said Okta's Chief Security Officer David Bradbury.
"It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted."
Okta notified all customers' whose Okta environment or support tickets were impacted by the incident.
"HAR files represent a recording of browser activity and possibly contain sensitive data, including the content of the pages visited, headers, cookies, and other data," Okta explains on its support portal.
One-time passwords delivered to Okta customers over SMS were also stolen by the Scatter Swine threat group, which breached cloud communications company Twilio in August 2022.