Tuesday, 02 January 2024 12:17 GMT
عربي


               US          Europe          Arab          Asia          Africa    
|      Politics          Economy     Oil&Energy         
                 Entertainment          Sport
Hackers Stole Customer Access Tokens From Okta’S Support Unit, Admits Firm

Hackers Stole Customer Access Tokens From Okta’S Support Unit, Admits Firm


2023-10-21 12:23:20
(MENAFN- IANS) San Francisco, Oct 21 (IANS) Identity and access company Okta has identified“adversarial activity” that leveraged access to a stolen credential to access Okta's support case management system.

The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases, admitted Okta chief security officer David Bradbury.

“It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted,” he mentioned in a blog post late on Friday.

All customers who were impacted in the security breach have been notified by the company.

Okta provides companies with access and identity tools, such as“single sign-on”. It has more than 18,000 customers with more than 7,000 integrations.

Bradbury said that Okta support will ask customers to upload an HTTP Archive (HAR) file, which allows for troubleshooting of issues by replicating browser activity.

“HAR files can also contain sensitive data, including cookies and session tokens, that malicious actors can use to impersonate valid users. Okta has worked with impacted customers to investigate, and has taken measures to protect our customers, including the revocation of embedded session tokens,” he informed.

Security firm BeyondTrust, which uses Okta, said that it notified the company of a potential breach on October 2 after it detected an attempted compromise to its network.

The incident began when BeyondTrust security teams detected an attacker trying to access an in-house Okta administrator account using a valid session cookie stolen from Okta's support system.

“BeyondTrust's own Identity Security Insights tool alerted the team of the attack, and they were able to block all access and verify that that attacker did not gain access to any systems,” said the company.

Okta is recommending its customers to sanitise all credentials and cookies/session tokens within a HAR file before sharing it.

--IANS

na/

MENAFN21102023000231011071ID1107279267

Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.

Tags

Label

Comments

No comment

Category

Date

More Story

Search