Cloudflare Falls Victim to Okta Breach, Atlassian Systems Cracked
The cyberattackers, believed to be state sponsored, didn't get far into Cloudflare's global network, but not for lack of trying.
Okta is an identity and access management platform whose authentication services affect account security, access control, and breach response.
Search across headline titles and summaries.
Background for this topic.
Okta is a cloud identity and access management platform used to authenticate people, issue access to applications, and administer workforce or customer identities. Its capabilities commonly include single sign-on, multifactor authentication, directory and lifecycle management, and policy-based authorization across SaaS, on-premises, and custom applications.
Because Okta can control access to many systems, its administrator accounts, identity APIs, integrations, and authentication sessions are high-value security surfaces. Organizations should apply least privilege, phishing-resistant MFA where feasible, careful separation of administrative roles, and prompt removal of departing users; misconfigured federation or provisioning can otherwise grant excessive or persistent access. Logs covering administrator activity, authentication events, token use, and changes to applications or policies support detection and incident response. Security advisories and vulnerability assessments should include Okta agents, connectors, browser components, and downstream integrations, while investigations should consider revoking sessions and rotating affected credentials.
The cyberattackers, believed to be state sponsored, didn't get far into Cloudflare's global network, but not for lack of trying.
Cloudflare revealed suspected nation-state attackers compromised its systems and accessed source code using credentials stolen in the Okta breach
Atlassian systen compromised via October Okta intrusion Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October.…
Also: Cloudflare Was Hacked With Stolen Okta TokenThis week, former CIA programmer gets 40-year sentence, zero trust prevents widespread damage, possible ransomware attack in Georgia, alleged hacker detained in Ukraine, USB-spread malware in Italy, LockBit attack on non-bank home mortgage lender, and Ukrainian critical infrastructure disrupted.
Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. [...]
The Identity Provider Experienced a String of Embarrassing Cybersecurity IncidentsOkta announced layoffs amounting to 7% of its workforce in a restructuring that will cost 400 employees their jobs. Thursday's disclosure is the second round of layoffs the company has undergone in the past 12 months. CEO Todd McKinnon said the cuts are needed to run Okta with "greater efficiency."