Okta Breach, March 2022

Okta is known for its authentication and identity verification services. It is based out of San Francisco, California, and provides security and authentication services to enterprises around the globe.

What Was the Breach?

Okta, an authentication business, was breached earlier this spring. The infamous Lapsus$ hackers are responsible for the attack. Okta admitted that a breach occurred, noting that it exposed nearly 3% of its customers' data.

How Did the Breach Occur?

Okta insists the Lapsus$ hackers performed the attack by way of a third-party company. Hackers took to their blogs to brag about the attack, highlighting how it obtained access to Okta’s systems, yet the company responded by refuting those points one by one. Lapsus$ hackers even went as far as highlighting Okta’s failure to implement the latest digital security measures in an attempt to smear the company and also intimidate other potential targets.

The Okta service itself was not breached. Instead, hackers accessed an Okta engineer's laptop to access the data. Okta responded to the breach by highlighting that the impact on its customers was constrained to support engineer access. Support engineers were tasked with resetting user passwords and implementing multifactor authentication after the breach.

When Did This Breach Occur?

This breach occurred in March 2022.

Who Does the Breach Impact?

The breach impacts Okta's customers as well as the business. However, the vast majority of Okta’s customers were not affected by the breach.

How Many Files Does the Breach Affect?

The attack impacts a small percentage of Okta customers. In total, Okta has 15,000 customers. About 500 of those customers were impacted by the breach. To find out more about this breach, read Okta Reviewing Potential Digital Breach.