1Password also affected by Okta Support System breach

2023-10-24 10:45

Following in the footsteps of BeyondTrust and CloudFlare, 1Password has revealed that it has been affected by the Okta Support System breach.

David Bradbury, Chief Security Officer at Okta, disclosed last Friday that an attacker has "Leveraged access to a stolen credential to access Okta's support case management system" and "View files uploaded by certain Okta customers as part of recent support cases."

They raised their concerns of a breach to Okta on the same day, but it took 17 days for Okta security leadership to notify them of the breach and the fact that they were one of their affected customers.

"We saw no evidence of other irregular activity across all other privileged Okta users in Identity Security Insights, no evidence of other suspicious Okta accounts being created, and no evidence of any unusual activity in the targeted user's account before this incident," Maiffret added.

In the early morning hours of September 29, 2023, the threat actor used the same Okta session that was used to create the HAR file to access the Okta administrative portal.

1Password's incident report reveals how the company traced the attempted breach back to a compromise of Okta's Support System.

News URL

https://www.helpnetsecurity.com/2023/10/24/1password-okta-support-breach/

#1password #breach #okta

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
1Password		7	1	9	1	1	12
Okta		7	0	3	6	0	9