Hackers Had Access to Okta Customer Files For At Least Two Weeks
Main Ragnar Locker perpetrator arrested, Hackers may have stolen entire DC voter roll, Philly reports hacking incident, Flaws found in SolarWinds product, Cisco issued zero day patches, much more
Identity management company Okta suffered a security breach that gave hackers access to Okta’s customer support platform for at least two weeks before the company fully contained the intrusion.
In an advisory sent to an undisclosed number of customers on October 19, Okta said it “has identified adversarial activity that leveraged access to a stolen credential to access Okta’s support case management system. The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases.
Okta explained that when troubleshooting customer issues, it will often ask for a recording of a Web browser session (a.k.a. an HTTP Archive or HAR file). These are sensitive files because they can include the customer’s cookies and session tokens, which intruders can then use to impersonate valid …
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.