Last week, identity and access management company Okta disclosed a hack of its support system, an incident that has now knocked more than $2 billion from the company’s market cap and caused its stock to drop more than 11%. Here are a few things to know about the cybersecurity breach:
What is Okta?
Okta is a cloud-based service that allows IT at a company to manage applications of devices that an employee might have access to.
How did the hackers pull this off?
The attackers were able to view files that had been uploaded by a limited number of Okta customers. The files in question were uploaded during recent support cases. Okta says the attack only impacted its support case management and did not impact the Okta service, which remains operational.
Hackers were able to gain access to stolen credentials through HTTP Archive (HAR) files uploaded by users for troubleshooting purposes. Those files can often include session tokens and cookies, and the hackers were able to use those to impersonate valid users.
Why does this seem familiar?
The company’s products have been tied to recent high-profile hacks of both Caesars Entertainment and the MGM lines of casinos in Las Vegas. Caesars ultimately paid out a ransom of $15 million to the hackers to regain control of its systems while MGM refused to pay the ransom and instead shut down several critical systems, including its electronic key card systems, reservation and booking systems, and even the casino floor. The company has since acknowledged the direct and indirect costs of the attack would cost it more than $100 million.
Okta also made headlines for a cyberattack last year.
Are any notable companies impacted this time?
Okta has more than 18,000 customers. One of the companies impacted by the hack was password management company 1Password, which is currently used by more than 100,000 businesses and individuals. 1Password says that it detects suspicious activity on its Okta instance, which is used to manage employee-facing apps. After a “thorough investigation,” 1Password says that it concluded that no user data was accessed.
What about other Okta customers?
An Okta representative told TechCrunch that the hack impacted around 1% of its customers. The company has already notified all of the customers that were impacted. If you’re an Okta customer, in this particular case no news is good news.
And Okta stock?
After taking a hit this week, shares rose slightly during the trading day on Tuesday but remained little changed in premarket trading on Wednesday.
Login to add comment
Other posts in this group
Every now and then, you run into a tool that truly wows you.
It’s rare—especially nowadays, when everyone and their cousin is coming out with overhyped AI-centric codswallop tha
Tesla released its quarterly earnings report on Tuesday, its first since the company’s chief executive, Elon Musk, took up residence in the Trump White House and immediately began trying to fire f
There’s never a dull day in the world of weight-loss medication. This week brought new restrictions on compounded GLP-1 medication, the cheaper, copycat versions of brand-name drugs that tel
In December 2023, I wrote an article exploring Apple CEO Tim Cook’s most likely successors, because t
“Meta profits, kids pay the price,” was the message delivered by dozens of grieving families at the doors of Meta’s Manhattan office on Thursday.
Forty-five families traveled from
The world’s auto industry is getting a shake-up from Chinese automakers that
There’s Blue Sky and then there’s Bluesky.
Blue Sky, a paper goods company
