After two months, more details are emerging about the Okta data breach. On Tuesday, Okta disclosed that hackers had compromised information for all users of its customer support system during a network breach that took place in September.
The San Francisco-based company informed customers that it had identified a breach where hackers accessed a report containing data, including names and email addresses of all clients utilizing its customer support system, the company told Reuters in an email.
“While we do not have direct knowledge or evidence that this information is being actively exploited, we have notified all our customers that this file is an increased security risk of phishing and social engineering,” Okta said.
Although there is no direct knowledge or evidence of the exploited information, Okta said it has taken precautions by notifying all customers about the heightened security risk for phishing and social engineering associated with the compromised file.
Adding to the concerns, just a month ago, there was another report indicating that Okta faced another security incident in October. During this incident, hackers targeted a third-party vendor, resulting in the unauthorized access and theft of personal information belonging to 5,000 Okta employees.
While Okta may not be a household name, it plays a critical role in the cybersecurity systems of major corporations. The identity management company serves over 18,000 customers, offering a single login point for various platforms used by these organizations. For instance, Zoom utilizes Okta to provide seamless access to Google Workspace, ServiceNow, VMware, and Workday platforms.
Founded in 2009 by Todd McKinnon and Frederic Kerrest, Okta is a cybersecurity firm renowned for delivering identity and access management solutions, facilitating secure and seamless access to various digital services and platforms for organizations.