Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
More Okta Customers HackedMore Okta Customers Hacked
Attackers compromised customer support files containing cookies and session tokens, which could result in malicious impersonation of valid Okta users.
1 Min Read
Source: Ilnur Khisamutdinov via Alamy Stock Photo
Okta, an identity and access management services provider, disclosed that its customer support case management system was recently compromised, exposing sensitive customer data including cookies and session tokens. Attackers could potentially use the information to impersonate valid users contacting support.
The customer support case management system is separate from the Okta service itself and the incident only impacted customers with recent support cases, the company's Chief Security Officer David Bradbury stressed in a blog post on Oct. 20. Impacted customers have been notified, he said.
"Okta has worked with impacted customers to investigate, and has taken measures to protect our customers, including the revocation of embedded session tokens," Bradbury added.
In its blog post, Okta listed IP addresses and user-agents that security teams can use in their threat hunting efforts.
The announcement comes after Okta was identified as the initial attack vector in recent twin cyberattacks on MGM Resorts and Caesars Entertainment.
About the Author
You May Also Like
More Insights
Webinars
Uncovering Threats to Your Mainframe & How to Keep Host Access Secure
Feb 13, 2025Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025
_vska_Alamy_.jpg?width=700&auto=webp&quality=80&disable=upscale)
_Brain_light_Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale)