Okta’s Latest Security Breach Is Haunted by the Ghost of Incidents Past

Summary

This Wired article discusses multiple security incidents at Okta, an identity management platform provider with questionable transparency resulting in concerned experts.

Topics include:

  • Okta was breached twice in the past two years.
  • The most recent breach was caused by attackers using stolen login credentials to access customer support accounts.
  • This allowed the attackers to steal cookies and session tokens that could be used to access customer accounts.
  • Okta customers 1Password, BeyondTrust, and Cloudflare were all affected by the breach, but were able to detect and block the intrusions before any of their own customers were affected.
  • Cloudflare criticized Okta for its lack of urgency in responding to the breach and for not taking steps to improve its security posture.

 

Article

Okta’s Latest Security Breach Is Haunted by the Ghost of Incidents Past (Wired)

Twitter
LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *