Code stored on GitHub was copied after threat actor gained unauthorized access.


Getty Images

Single sign-on provider Okta said on Wednesday that software code for its Okta Workforce Identity Cloud service was copied after intruders gained access to the company’s private repository on GitHub.

“Our investigation concluded that there was no unauthorized access to the Okta service, and no unauthorized access to customer data,” company officials said in a statement. “Okta does not rely on the confidentiality of its source code for the security of its services. The Okta service remains fully operational and secure.”

The statement said that copied source code pertains only to the Okta Workforce Identity Cloud and doesn’t pertain to any Auth0 products used with the company’s Customer Identity Cloud. Officials also said that upon learning of the breach, Okta placed temporary restrictions on access to the company’s GitHub repositories and suspended GitHub integrations with third-party apps.

“We have since reviewed all recent access to Okta software repositories hosted by GitHub to understand the scope of the exposure, reviewed all recent commits to Okta software repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials,” the statement added. “We have also notified law enforcement.”

The Okta Workforce Identity Cloud provides access management, governance, and privileged access controls in a single package. Many large organizations handle these things piecemeal using manual processes. The service, which Okta introduced last month, is designed to unify and automate these processes.

Further Reading

First Microsoft, then Okta: New ransomware gang posts data from bothLast March, the Lapsus$ ransomware group posted images that appeared to show it had obtained proprietary data from Okta and Microsoft. Okta officials said the data was obtained after the threat actor gained unauthorized access to the account of a “third-party customer support engineer working for one of our subprocessors.”

The company said the attempt to breach Okta was unsuccessful and that the access the hackers gained to the third-party account didn’t allow them to create or delete users, download customer databases, or obtain password data. Lapsus$ members refuted this claim and noted that the screenshots indicated they had logged into the superuser portal, a status they said gave them the ability to reset the passwords and multifactor authentication credentials of 95 of Okta’s customers.

In August, Okta said that hackers who had recently breached security provider Twilio used their access to obtain information belonging to an unspecified number of Okta customers. Twilio disclosed the breach three weeks earlier and said it allowed the threat actor to obtain data for 163 customers. Okta said the threat actor could obtain mobile phone numbers and associated SMS messages containing one-time passwords of some of its customers.

In September, Okta revealed that code repositories for Auth0, a company it acquired in 2021, had also been accessed without authorization.

Wednesday’s disclosure of the Okta source-code copying was first reported by Bleeping Computer.


9 Best Ways To Retrieve A Downloaded Movie On Your Laptop

Watching movies online can be a hassle; Especially when there is a lot of buffering. This is one of the biggest reasons for people to download their movies and watch them offline. However, I found this specific query in a forum where people were asking to recover a downloaded movie ...

View more: 9 Best Ways To Retrieve A Downloaded Movie On Your Laptop

How To Snip Screen On Your Laptop?

Taking a screenshot is not a complicated process. All of us are familiar with at least one way to do it. However, there are several ways to capture your screen for a frame. We made this article to show you all the different ways you can grab your screens. If ...

View more: How To Snip Screen On Your Laptop?

How To Connect AirPods To A Laptop?

The Apple AirPods are, undoubtedly, some of the best earpieces available on the electronics market. With three generations of different AirPods models, these sleek, ivory earphones are quite popular. Apart from the appearance and quality, AirPods are known for being versatile. Irrespective of what the host device is, AirPods can ...

View more: How To Connect AirPods To A Laptop?

7 Best Ways To Fix DistributedCOM Error In Windows

If you open the Event Viewer utility often, you may notice a DistributedCOM Error on Windows. Let’s know what this DistributedCOM Error Windows error is, how it’s caused, and how you can fix it. Contents show 1 What Is the DistributedCOM Error Windows 10 and 11? 2 What is the ...

View more: 7 Best Ways To Fix DistributedCOM Error In Windows

12 Easy Fixes For Webcam Not Working In Windows

Cameras are becoming quite common for PCs. We use meetings on Zoom, Microsoft Teams, Skype, and other options. The operating system might not be at fault if your camera isn’t working. You can use the given solutions to solve the Webcam Not Working Windows issue quickly. We have covered ...

View more: 12 Easy Fixes For Webcam Not Working In Windows

Windows 10 Sound Not Working: 18 Quick And Easy Methods

Is  Windows 10 Sound Not Working on your PC? This is a common issue faced by many Windows users.  If you are one among them, you are in the right place. This article gives you 11 solutions to fix the no-sound issues in Windows 10.  Contents show 1 Reasons For ...

View more: Windows 10 Sound Not Working: 18 Quick And Easy Methods

Fix CAA20004 Microsoft Teams Sign in Error

Microsoft Teams have a bundle of excellent and attractive features that provides you with easy communication among friends, even classes and offices were conducted online. There’s a lot going on in MS Teams, for example, you can chat via messages and video calls, and at the same time share files ...

View more: Fix CAA20004 Microsoft Teams Sign in Error

How To Fix This Update Is Not Applicable To Your Computer Error: 11 Quick Fixes

Windows standalone updates packages are useful when your Windows updater is not working or you want to install a certain update manually. However, running these updated packages, sometimes, shows the error message “This update is not applicable to your computer” or “This update is not applicable to your computer”. ...

View more: How To Fix This Update Is Not Applicable To Your Computer Error: 11 Quick Fixes

Windows Dual Boot Menu Not Showing: 6 Easy Ways To Fix

12 Best Fixes: Windows 10 Start Menu Search Not Working

How to customize and publish a Microsoft Bookings page?

Chic-Fil-A’s Training Program Apparently Features a Familiar Fallout Face

Microsoft Teams Status not updating or changing

Don’t Buy a Foldable Until Samsung Brings This Prototype to Life

Windows Encryption Not Working? 6 Best Ways To Fix

How to get Apple Calendar on Windows PC

Windows Update Error 0x80073701: 9 Best Ways To Fix

Best Ways To Fix Slow Internet During VPN On Windows 11

6 Solutions To Fix Wmpnetwk High CPU Usage In Windows

Save Time in Microsoft PowerPoint by Making Your Own Theme


Top Car News Car News