GitHub attack allowed attackers to steal Okta’s source code
However, Okta has confirmed that attackers did not gain access to customer data or services.
The authentication giant Okta has suffered another security breach. Reportedly, someone stole Okta’s source code after attacking the repositories GitHub.
Okta’s head of security, David Bradbury, issued a “confidential” email to their “security contacts”, revealing that the suspicious activity the company detected earlier in December 2022 has led to the leak of the code stores.
“After investigation, we have concluded that such access was used to copy Okta code repositories,” Okta’s notice said.
“We have decided to share this information in accordance with our commitment to transparency and partnership with our customers,” Okta explained.
According to Bradbury, GitHub notified it of possible suspicious activity and that someone was accessing the code repositories. Okta launched an investigation and concluded that access had indeed occurred. In response, the company temporarily restricted access to Okta GitHub repositories and suspended all GitHub integrations with third-party apps.
Okta has confirmed that the attackers did not gain access to customer data or services, reports Bleeding computer. Therefore, users of the various services, including HIPAA, DoD, and FedRAMP, were unaffected by this incident and did not need to adopt threat prevention practices.
It is worth noting that the users of these services are mainly US-based government, healthcare and defense organizations.
Okta and cyber attacks
Okta is a cloud-based identity and access management platform that provides secure single sign-on, user provisioning, data security and mobile device management.
The company already had a troubled year in terms of security. In March 2022Okta confirmed a data breach by the LAPSUS$ ransomware group, and in September Auth0, which is owned by Okta, reported the theft of its old source code.
There is no doubt that source code is a valuable resource, and stealing or leaking it can have far-reaching consequences. Okta, a common authentication platform, should be very concerned because attackers can use its source code to discover hidden bugs and launch new attacks against its customers.
So far, this breach appears limited to Okta’s Workforce Identity Cloud product and not Auth0 Customer Identity Cloud. Okta plans to share more findings about the incident soon.
- LastPass security breach – Hackers steal source code
- Source codes revealed in Microsoft Azure Blob account leak
- Lapsus$ Hackers stole T-Mobile’s source code, system data
- Twitch Hacked- Source Code, Streamer Payment Figures Leaked
- Samsung confirms data breach as Lapsus$ leaks source code