Michael Vi/iStock Editorial through Getty Images
Okta’s (NASDAQ:OKTA) inventory fell about 6% premarket on Wednesday after the corporate mentioned that it has discovered that hackers stole data on all customers of its buyer help system in a community breach two months in the past.
The scope of the hack appears to be wider than beforehand anticipated.
Okta mentioned in an announcement to Seeking Alpha that, “We have determined that the threat actor downloaded the names and email addresses of all Okta customer support system users. All Okta Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers are impacted except customers in our FedRamp High and DoD IL4 environments (these environments use a separate support system NOT accessed by the threat actor). The Auth0/CIC support case management system was not impacted by this incident.”
The firm added that whereas it doesn’t have direct information or proof that this data is being actively exploited, it has notified all prospects that this file is an elevated safety threat of phishing and social engineering.
The firm has additionally pushed new safety features to its platforms and offered prospects with particular suggestions to defend towards potential focused assaults towards their Okta directors.
Okta famous in a weblog publish on Wednesday that prospects sign-in to Okta’s buyer help system with the identical accounts they use in their very own Okta org. Many customers of the shopper help system are Okta directors. Thus it was vital that these customers have multi-factor authentication enrolled to guard not solely the shopper help system, but additionally to safe entry to their Okta admin console.
In October, the corporate had mentioned that the hacker was capable of view information uploaded by sure prospects as a part of help circumstances. The Okta help case administration system is separate from the manufacturing Okta service, which was totally operational and had not been impacted.
Okta famous in its assertion to Seeking Alpha that it’s working with a digital forensics agency to assist with its investigation and it will likely be share the report with prospects after completion.
In addition, the corporate will even notify people which have had their data downloaded.
Okta (OKTA) is scheduled to report its third-quarter earnings on Wednesday after market shut.
