Okta Breach: 134 Customers Exposed in October Support System Hack

Okta says attackers who breached its customer support system last month gained access to files belonging to 134 customers, five of them later being targeted in session hijacking attacks with the help of stolen session tokens. From a report: "From September 28, 2023 to October 17, 2023, a threat actor gained unauthorized access to files inside Okta's customer support system associated with 134 Okta customers, or less than 1% of Okta customers," Okta revealed. "Some of these files were HAR files that contained session tokens which could in turn be used for session hijacking attacks. The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers, 3 of whom have shared their own response to this event." The three Okta customers that already disclosed they were targeted due to the company's October security breach are 1Password, BeyondTrust, and Cloudflare. They all notified Okta of suspicious activity after detecting unauthorized attempts to log into in-house Okta administrator accounts.

Read more of this story at Slashdot.