Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month.
“There is no impact to any customers, including any HIPAA, FedRAMP or DoD customers,” the company said in a public statement. “No action is required by customers.”
The security incident, which was first reported by BleepingComputer, involved unknown threat actors gaining access to the Okta Workforce Identity Cloud (WIC) code repositories hosted on GitHub. The access was subsequently abused to copy the source code.
The cloud-based identity management platform noted that it was alerted to the incident by Microsoft-owned GitHub in early December 2022. It also emphasized that the breach did not result in unauthorized access to customer data or the Okta service.
Upon learning of the lapse, Okta said it placed temporary restrictions on repository access and suspended all GitHub integrations with other third-party applications.
The San Francisco-headquartered firm further said it reviewed the repositories that were accessed by the intruders and examined recent code commits to ensure that no malicious changes were made. It has also rotated GitHub credentials and informed law enforcement of the development.
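The commit review Okta describes (confirming that nothing was pushed to the repositories during the incident window) is the kind of check a defender would want to script rather than eyeball. The following is an added example and not Okta's or GitHub's own tooling: it assumes the commit records were produced with `git log --format='%H%x1f%an%x1f%ae%x1f%aI%x1f%G?'` (where `%G?` is git's signature-status code, `G` for a good signature from a trusted key and `N` for no signature), and it flags every commit in the window that is unsigned or whose author is outside an allowlist. The sample log, the window dates, the addresses and the commit ids are all constructed for the example.

```python
"""Post-incident commit review (added example; not Okta's or GitHub's code).

Assumed input (not from the article): one commit per line, fields separated by
the ASCII unit separator, as produced by
    git log --format='%H%x1f%an%x1f%ae%x1f%aI%x1f%G?' --since=<window start>
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Set, Tuple

# Signature-status codes printed by git's %G? placeholder. Only "G" (valid
# signature from a key the reviewer trusts) is accepted; "U" (unknown trust),
# "E" (could not verify) and "N" (unsigned) all warrant a look.
GOOD_SIGNATURE = {"G"}


@dataclass
class Commit:
    sha: str
    author_name: str
    author_email: str
    authored_at: datetime
    sig_status: str


def parse_git_log(text: str) -> List[Commit]:
    """Parse the unit-separated git log format described in the module docstring."""
    commits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        sha, name, email, ts, sig = line.split("\x1f")
        # %aI emits ISO 8601 with a UTC offset, which fromisoformat understands.
        commits.append(Commit(sha, name, email, datetime.fromisoformat(ts), sig))
    return commits


def review_commits(commits: List[Commit], window_start: datetime, window_end: datetime,
                   allowed_emails: Set[str]) -> List[Tuple[str, List[str]]]:
    """Return (sha, reasons) for every commit in the incident window that needs a human look.

    The author allowlist catches the obvious case, but an intruder holding a
    stolen token can set any author name and e-mail, so the signature status
    is the check that actually carries weight.
    """
    findings = []
    for c in commits:
        if not (window_start <= c.authored_at <= window_end):
            continue
        reasons = []
        if c.author_email.lower() not in allowed_emails:
            reasons.append(f"author {c.author_email} not in allowlist")
        if c.sig_status not in GOOD_SIGNATURE:
            reasons.append(f"signature status {c.sig_status!r} (expected 'G')")
        if reasons:
            findings.append((c.sha, reasons))
    return findings


# Constructed sample: four commits, two of them inside a constructed incident window.
SAMPLE_LOG = "\n".join([
    "aaaa0001\x1fJane Doe\x1fjane@example.com\x1f2022-11-20T09:00:00+00:00\x1fG",  # before window
    "aaaa0002\x1fJane Doe\x1fjane@example.com\x1f2022-12-03T14:30:00+00:00\x1fG",  # in window, fine
    "aaaa0003\x1fJane Doe\x1fjane@example.com\x1f2022-12-04T02:10:00+00:00\x1fN",  # in window, unsigned
    "aaaa0004\x1fBuild Bot\x1fci@example.com\x1f2022-12-05T11:45:00+00:00\x1fG",   # in window, unknown author
])
WINDOW_START = datetime(2022, 12, 1, tzinfo=timezone.utc)   # constructed
WINDOW_END = datetime(2022, 12, 7, tzinfo=timezone.utc)     # constructed
ALLOWED = {"jane@example.com"}                              # constructed allowlist


def run_sample() -> List[Tuple[str, List[str]]]:
    """Run the review over the constructed sample and return the findings."""
    return review_commits(parse_git_log(SAMPLE_LOG), WINDOW_START, WINDOW_END, ALLOWED)


if __name__ == "__main__":
    for sha, reasons in run_sample():
        print(sha, "->", "; ".join(reasons))
```

Running it on the sample reports `aaaa0003` for its missing signature and `aaaa0004` for its unlisted author; the signed, allowlisted commit in the window and the commit before the window are left alone. In a real review the window would come from the provider's notification and the allowlist from the team roster, and the signature check only means something if the reviewer's keyring holds the team's signing keys.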
“Okta does not rely on the confidentiality of its source code for the security of its products and services,” the company said.
The alert comes nearly three months after Auth0, which Okta acquired in 2021, disclosed a “security event” related to some of its code repository archives from 2020 and earlier.
Okta has emerged as an attractive target for attackers since the start of the year. The LAPSUS$ data extortion group broke into the company's internal systems in January 2022 after obtaining remote access to a workstation belonging to a support engineer.
Then in August 2022, Group-IB unearthed a campaign dubbed 0ktapus targeting a number of companies, including Twilio and Cloudflare, that was designed to steal users' Okta identity credentials and two-factor authentication (2FA) codes.