Crooks copy source code from Okta’s GitHub repository
The hack wraps up a year of bad security incidents for identity Intruders copied source code belonging to Okta after breaching the identity management company's GitHub repositories.…
Okta is an identity and access management platform whose authentication services affect account security, access control, and breach response.
Search across headline titles and summaries.
Background for this topic.
Okta is a cloud identity and access management platform used to authenticate people, issue access to applications, and administer workforce or customer identities. Its capabilities commonly include single sign-on, multifactor authentication, directory and lifecycle management, and policy-based authorization across SaaS, on-premises, and custom applications.
Because Okta can control access to many systems, its administrator accounts, identity APIs, integrations, and authentication sessions are high-value security surfaces. Organizations should apply least privilege, phishing-resistant MFA where feasible, careful separation of administrative roles, and prompt removal of departing users; misconfigured federation or provisioning can otherwise grant excessive or persistent access. Logs covering administrator activity, authentication events, token use, and changes to applications or policies support detection and incident response. Security advisories and vulnerability assessments should include Okta agents, connectors, browser components, and downstream integrations, while investigations should consider revoking sessions and rotating affected credentials.
The hack wraps up a year of bad security incidents for identity Intruders copied source code belonging to Okta after breaching the identity management company's GitHub repositories.…
Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month
In a 'confidential' email notification sent by Okta and seen by BleepingComputer, the company states that attackers gained access to its GitHub repositories this month and stole the company's source code. [...]
In a 'confidential' email notification sent by Okta and seen by BleepingComputer, the company states that attackers gained access to its GitHub repositories this month and stole the company's source code. [...]