On November 29, 2023, Okta acknowledged that the security incident it suffered in September 2023 was far more serious than initially stated. At the time, the US group, specialized in centralized ID and access management for businesses, had admitted to a malicious intrusion. The firm had nonetheless assured the leak only concerned one percent of its customers.
Through David Bradbury, its head of security, Okta admitted that cybercriminals had actually “downloaded a report containing the names and email addresses of all customer support users”, i.e. the overwhelming majority of the company’s clients. For 0.4% of the latter, the leak also affects other personal data, such as usernames, phone numbers and postal addresses.
Okta added that cybercriminals managed to get their hands on other files, without specifying which ones. “We are working with an outside firm to corroborate our findings, and we will share the report with our customers as soon as it is finalized,” reads the group’s press release.
According to David Bradbury, there is currently no evidence of foul use. He recognizes however that the leaked data could enable threat actors to “target Okta customers, through phishing and social engineering attacks.”