Security News > 2023 > November > Okta tells 5,000 of its own staff that their data was accessed in third-party breach

Okta has sent out breach notifications to almost 5,000 employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical insurance plan numbers.

The third-party, Rightway Healthcare, helps people compare healthcare providers and rates, and this includes Okta employees and their families.

Though this breach seems to be limited to Okta employees, the identity services providers' customers have also been hit with their share of security snafus over the past few months.

In October, Okta said it experienced a security breach that gave intruders access to sensitive customer files used for solving support tickets.

In an October 20 blog post, Okta CSO David Bradbury said the criminals used stolen credentials to gain access to Okta's support case management system and may have stolen HTTP Archive files used to replicate browser activity for troubleshooting.

A few days later, 1Password said it was one of the Okta customers hit by the latest breach - but assured its customers that their login details are safe.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/11/02/okta_staff_personal_data/