时间:2026-04-07 21:33:07 来源:网络整理编辑:時尚
Okta, the San Francisco-based identity and access management company, reported a security breach on
Okta, the San Francisco-based identity and access management company, reported a security breach on Friday. Hackers gained access to private customer information through its customer support management system.
In a site-wide announcement, Okta Chief Security Officer David Bradbury revealed that hackers viewed content uploaded by some Okta customers related to recent support cases. These files, known as HTTP archive (HAR) files, help support personnel replicate customer browser activity for troubleshooting.
SEE ALSO:23andMe may have suffered yet another breach – your data is in jeopardy"HAR files can also contain sensitive data, including cookies and session tokens, that malicious actors can use to impersonate valid users," Bradbury said.
Bradbury did not disclose how the credentials were stolen nor if two-factor authentication was in place for the compromised support system. To mitigate the damage, Okta revoked embedded session tokens and advised customers to sanitize credentials within HAR files before sharing.
According to Arstechnica, the initial hack was stopped by security firm BeyondTrust, which alerted Okta to suspicious activity about a month ago. However, due to some flaws within Okta's security model, some actions were still carried out by malicious actors.
Bradbury confirmed that all affected customers have been informed. He also provided IP addresses and browser user agents associated with the hackers for further investigation. He also added that Okta's main production service and Auth0/CIC case management system remain unaffected.
Okta has had its fair share of hacker troubles lately. In March 2022, a group called Lapsus$ accessed an Okta admin panel, allowing them to reset customer passwords and authentication credentials. In December of that same year, Okta's source code was stolen from a GitHub account.
TopicsCybersecurity
Here's what 'Game of Thrones' actors get up to between takes2026-04-07 21:09
We're only starting to understand the extent of sexual assault at universities2026-04-07 21:04
8 easy ways to guard your privacy on your iPhone2026-04-07 20:20
Xiaomi cashes in on India's festive season, sells over 500,000 smartphones in 3 days2026-04-07 20:00
Pole vaulter claims his penis is not to blame2026-04-07 19:58
Crystal ball2026-04-07 19:57
Jimmy Olsen is Guardian: Supergirl Season 2 makes James a vigilante2026-04-07 19:53
'Stranger Things' fans rejoice, this restaurant is feeding Demogorgons to diners2026-04-07 19:49
Aly Raisman catches Simone Biles napping on a plane like a champion2026-04-07 19:47
'League of Legends' pro suspended, fined $2K for using racist language2026-04-07 19:32
Major earthquake and multiple aftershocks rock central Italy2026-04-07 21:22
Ken Bone greets Snoop Dogg in his Reddit 'Bone Zone'2026-04-07 21:13
We're only starting to understand the extent of sexual assault at universities2026-04-07 20:54
NFL to fine teams up to $100,000 for posting social media video during games2026-04-07 20:33
Chinese gymnastics team horrifies crowd with human jump rope2026-04-07 20:25
The ladies of 'SNL' roast Donald Trump in a 'Lemonade' parody2026-04-07 20:14
Report indicates Samsung killed the Note7 without figuring out what's wrong with it2026-04-07 19:38
This French Instagram profile is not what you think it is2026-04-07 19:38
Over 82,000 evacuate as Blue Cut fire rapidly spreads in southern California2026-04-07 19:25
To prove he's not a demon, President Obama sniffed himself2026-04-07 19:22
