Security News > 2023 > November > Okta breach: Hackers stole info on ALL customer support users

The scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a report that contained the names and email addresses of all Okta customer support system users.

Initial and latest findings about the Okta customer support system breach.

Subsequently, Okta CSO David Bradbury detailed how the attackers managed to view customer support cases and extract sensitive information, and said that the threat actor gained unauthorized access to files associated with 134 Okta customers.

"We also identified additional reports and support cases that the threat actor accessed, which contain contact information of all Okta certified users and some Okta Customer Identity Cloud customer contacts, and other information. Some Okta employee information was also included in these reports. This contact information does not include user credentials or sensitive personal data."

The aforementioned report, listing all users in Okta's customer support system, contains a number of fields: full name, username, email, company name, address, role, phone and mobile number, SAML Federation ID, and so on.

"Okta customers sign-in to Okta's customer support system with the same accounts they use in their own Okta org. Many users of the customer support system are Okta administrators. It is critical that these users have multi-factor authentication enrolled to protect not only the customer support system, but also to secure access to their Okta admin console(s)," he explained, and added that Okta customers should be on the lookout for phishing attempts that target their employees, IT Help Desks and related service providers.

News URL

https://www.helpnetsecurity.com/2023/11/29/okta-breach-customer-support/