+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Password authenticator Okta says hackers stole names and email addresses of all its customer support users

Nov 29, 2023, 17:48 IST
Insider
Okta first revealed the hack in September.SOPA Images/ Getty
  • Okta said hackers stole a report with names and email addresses of all customer support users.
  • Those users face an "increased risk of phishing," the password authenticator said in a blog.
Advertisement

Okta's recent data breach was a lot bigger than it previously disclosed.

The password authenticator was hit by a cyberattack in September and said earlier this month that just 1% of its customers were affected.

But in a blog post Wednesday, Okta said hackers stole a report that included the names and email addresses of "all Okta customer support system users."

David Bradbury, Okta's chief security officer, said in the post: "While we do not have direct knowledge or evidence that this information is being actively exploited, there is a possibility that the threat actor may use this information to target Okta customers via phishing or social engineering attacks."

Bradbury advised all customers to use multi-factor authentication, which requires more than one security test, to keep their information safe online.

Advertisement

San Francisco-based Okta offers companies identity management tools including single sign-in and multi-factor authentication for secure website logins. The company has more than 18,000 corporate clients including FedEx, S&P Global, T-Mobile and Zoom, per its website.

The company also suffered at least two security breaches last year, TechCrunch reported. A group of hackers called Lapsus$ extortion group accessed a customer support engineer's account in January 2022 and shared screenshots of Okta's systems, per the report.

Then in August hacking group Scatter Swine gained access to Okta customer data, it claimed in a blog post, breaching more than 100 companies including software firm Twilio.

Okta didn't immediately respond to a request for comment from Business Insider, made outside normal working hours.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article