Okta Breach Widens to Affect 100% of Customer Base
Early disclosures related to September compromise insisted less than 1% of Okta customers were impacted; now, the company says it was all of them.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Early disclosures related to September compromise insisted less than 1% of Okta customers were impacted; now, the company says it was all of them.
After 1Password, MGM, and Caesars, yet more cybersecurity woes mount for the identity and access management company.
Attackers compromised customer support files containing cookies and session tokens, which could result in malicious impersonation of valid Okta users.
Threat actors convince employees to reset MFA for Super Admin accounts in the IAM service to leverage compromised accounts, impersonating users and moving laterally within an organization.
Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.
Microsoft meanwhile confirms Lapsus$ group compromised it as well and issues warning on threat actor.