Okta could be facing more cyberattacks following customer support hack

News
By published

A hacker obtained browser session cookies for Okta customers

A white padlock on a dark digital background.
(Image credit: Shutterstock.com)

Unidentified hackers recently broke into Okta and stole client session cookies, potentially giving them access to those companies’ networks, and potentially infect the endpoints with malware and ransomware

The company confirmed the news in a blog post   written by its Chief Security Officer David Bradbury, who confirmed outsiders had managed to get hold of login credentials for Okta’s support case management system. 

Logging into the tool, they were able to view browser recording files that Okta’s customers uploaded for troubleshooting. These recordings, as explained, often include website cookies and session tokens - every hacker’s holy grail as it allows them to bypass not just the login screen, but multi-factor authentication (MFA), too.

Customers notified

Whoever hacked Okta really did try to compromise one of its clients, it was later said, as security firm BeyondTrust was recently called in by one of its clients to inspect a hacking attempt that happened soon after an admin shared a browser recording session with Okta.

As per BeyondTrust’s CTO Mark Maiffret, the attacker used a session token from the uploaded browser recording session and created a new admin account. The attack “was the result of Okta’s support system being compromised which allowed an attacker to access sensitive files uploaded by their customers.”

We don’t know exactly how many of Okta’s customers were affected by the breach. The company’s spokesperson told TechCrunch the incident affected roughly 1% of its userbase. In March 2023, Okta said it services around 17,000 customers. It’s still now known how the attacker obtained the credentials to the Okta support case management system. Okta notified the affected firms and contained the incident on October 17.

Okta is an access and identity service provider, offering different identity management tools including Single Sign On.

Via TechCrunch

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
An abstract image of padlocks overlaying a digital background.
BeyondTrust says hackers hit its remote support products
Password
Millions of airline customers possibly affected by OAuth security flaw
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.
Microsoft Teams and other Windows tools hijacked to hack corporate networks
Ransomware
Millions of hotel guest reservations leaked in Otelier data breach
A VPN runs on a mobile phone placed on a laptop keyboard
SonicWall VPN flaw could allow hackers to hijack your sessions, so patch now
Latest in Security
Lock on Laptop Screen
Data breach at Pennsylvania education union potentially exposes 500,000 victims
Spyware
Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
An American flag flying outside the US Capitol building against a blue sky
Five Eyes "cannot replace US intel in Ukraine", claims former US Cyber Command Chief
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Criminals are using a virtual hard disk image file to host and distribute dangerous malware
WordPress on a laptop
Over 20,000 WordPress sites hit by damaging malware campaign
Trojan
WhatsApp patches security flaw which let hackers install spyware
Latest in News
Acer Chromebook Plus line
Chromebooks aren't dead! Acer has just launched 7 new ChromeOS laptops aimed at students and professionals
Apple Watch foldable display patent
Forget the folding iPhone – Apple has patented a foldable Apple Watch with two screens
Matt Murdock looking angry in Daredevil: Born Again season 1 episode 2
Daredevil: Born Again season 2 first look images have already spoiled how the Marvel TV show's first season will end on Disney+
Quordle on a smartphone held in a hand
Quordle hints and answers for Friday, March 21 (game #1152)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Friday, March 21 (game #383)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Friday, March 21 (game #649)
More about security
Spyware

Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
Lock on Laptop Screen

Data breach at Pennsylvania education union potentially exposes 500,000 victims
Acer Chromebook Plus line

Chromebooks aren't dead! Acer has just launched 7 new ChromeOS laptops aimed at students and professionals
See more latest
Most Popular
Acer Chromebook Plus line
Chromebooks aren't dead! Acer has just launched 7 new ChromeOS laptops aimed at students and professionals
AMD Ryzen 9950X3D chip next to its packaging on a pink table
Asus' AI Cache Boost promises to "pump up" your AMD Ryzen 9000 processor's AI performance
Apple Watch foldable display patent
Forget the folding iPhone – Apple has patented a foldable Apple Watch with two screens
Matt Murdock looking angry in Daredevil: Born Again season 1 episode 2
Daredevil: Born Again season 2 first look images have already spoiled how the Marvel TV show's first season will end on Disney+
Spyware
Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
Miele Guard L1 Comfort XL cyclinder vacuum
I've been patiently waiting for the newest vacuum tech to make its way into cylinder vacuums, and Miele has finally delivered
The ASSC Assassin's Creed collection.
The Assassin's Creed x Anti Social Social Club drop includes gaming merch that I wouldn't be embarrassed to wear
Quordle on a smartphone held in a hand
Quordle hints and answers for Friday, March 21 (game #1152)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Friday, March 21 (game #383)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Friday, March 21 (game #649)