The company notified its "security contacts" of the incident
(Image credit: Shutterstock)
Authentication giant Okta has had its source code taken after GitHub repositories belonging to the company were breached, reports have claimed.
A “‘confidential’ email notification” allegedly sent by Okta to its “security contacts” noted that after investigating suspicious activity it had been alerted to earlier this month, the company had concluded that someone copied its code repositories.
Whoever was behind the attack did not access Okta’s services, or customer data, the notification further reads. Okta’s HIPAA, FedRAMP or DoD customers have not been affected by the incident, and do not need to do anything at this point.
Popular targets
BleepingComputer further found that the incident seems to be related to the Okta Workforce Identity Cloud (WIC) code repositories, but not Auth0 Customer Identity Cloud products.
Commenting on the news, Raj Samani, SVP Chief Scientist at Rapid7, said a company’s source code is quite valuable, and as such, important to cybercriminals.
“From our own research, we know that intellectual property is a popular target for threat actors with 12% of data disclosures between April 2020 and February 2022 containing it,” Samani said. “Stolen source code can be used to find hidden security vulnerabilities and launch further attacks on a business; therefore, it is crucial that such sensitive information is protected.”
Read more
> Everything we know about Lapsus$ and Okta so far
> Okta confirms hundreds of customers could be affected by data breach
> These are the best firewalls today (opens in new tab)
So far, Okta is yet to publicly confirm or deny the breach, but the incident is the latest to affect the company in 2022.
In March, notorious extortion group Lapsus$ announced it had breached Okta’s administrative consoles and stole customer data.
And in September, Auth0 (owned by Okta) reported a similar incident, when a “third-party individual” managed to steal old source code. The method was never established, so it isn’t known if any malware (opens in new tab) was involved.
Via: BleepingComputer (opens in new tab)
Are you a pro? Subscribe to our newsletter
Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead Fadilpašić
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.