Excerpt from Bloomberg Article, Published on Nov 29, 2023
Okta Inc. recently revealed a concerning update regarding the breach it suffered two months ago, stating that hackers managed to access data from all users within its customer support system—a considerable expansion from the initial 1% of customers affected, as previously reported.
In a letter addressed to its customers on Tuesday, Okta detailed that the hackers obtained a report containing comprehensive data, including names and email addresses, of all clients utilizing its customer support system. This discovery prompts Okta to caution customers about a heightened risk of potential attacks, advising the implementation of robust multifactor authentication measures for enhanced security.
While there’s no direct evidence of the stolen information being used for phishing, Okta emphasized the persistent threat of such attacks. The company has informed customers about this increased risk, providing recommendations and reinforcing security measures to mitigate targeted threats.
Okta disclosed its collaboration with a digital forensics firm to bolster the ongoing investigation, committing to share the report findings with customers upon completion. Furthermore, individuals affected by the data download will be notified accordingly.
This revelation follows Okta’s prior breach disclosure last month, triggering a plummet in their shares. Additionally, the company clarified that the breach encompassed more data than initially assessed, including some employee information.
The compromised customer report contained primarily non-sensitive information, such as names and emails, with minimal data fields populated. Okta assured that for over 99% of affected customers, only basic contact information was accessed.
Okta is set to announce its earnings on Wednesday and has pledged to publicly disclose additional details on the same day as communicated in the notice to customers.
To delve deeper into this topic, please read the full article on Bloomberg