Okta's source code stolen after GitHub repositories hacked

Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,238
Content source
https://www.bleepingcomputer.com/news/security/oktas-source-code-stolen-after-github-repositories-hacked/
Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were hacked this month.

According to a 'confidential' email notification sent by Okta and seen by BleepingComputer, the security incident involves threat actors stealing Okta's source code.

Source code stolen, customer data not impacted

BleepingComputer has obtained a 'confidential' security incident notification that Okta has been emailing to its 'security contacts' as of a few hours ago. We have confirmed that multiple sources, including IT admins, have been receiving this email notification.

Earlier this month, GitHub alerted Okta of suspicious access to Okta's code repositories, states the notification.

"Upon investigation, we have concluded that such access was used to copy Okta code repositories," writes David Bradbury, the company's Chief Security Officer (CSO) in the email.

Despite stealing Okta's source code, attackers did not gain unauthorized access to the Okta service or customer data, says the company. Okta's "HIPAA, FedRAMP or DoD customers" remain unaffected as the company "does not rely on the confidentiality of its source code as a means to secure its services." As such, no customer action is needed.
Click to expand...
www.bleepingcomputer.com

Okta's source code stolen after GitHub repositories hacked

In a 'confidential' email notification sent by Okta and seen by BleepingComputer, the company states that attackers gained access to its GitHub repositories this month and stole the company's source code.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • +Reputation
  • Wow
  • Like
Reactions: vtqhtr413, oldschool, silversurfer and 3 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
does not rely on the confidentiality of its source code as a means to secure its services
Click to expand...
Sure, until the creation of backdoors start hitting their customers. :rolleyes:

Okta are no strangers in the hacked news headlight from previous this year, and wouldn't be a surprise those breaches helped the attackers also now.

malwaretips.com

Okta investigating claims of customer data breach from Lapsus$ group

Okta, a leading provider of authentication services and Identity and access management (IAM) solutions says it is investigating claims of data breach. On Tuesday, data extortion group Lapsus$ posted screenshots in their Telegram channel of what it alleges to be Okta's customer data. As...
malwaretips.com malwaretips.com
malwaretips.com

Twilio Customer Data Exposed after its Staffers got Phished

Thanks @Lament are the trackers a recent discovery? Do you have a link where I could read more on this topic, please? BTW I am using 2FAS on Android and iOS. Aegis on Android works very well too but 2FAS is just a backup app. I simply can't afford to have my TOTP tied down to a single mobile...
malwaretips.com malwaretips.com
 
  • Like
  • +Reputation
Reactions: vtqhtr413, oldschool, harlan4096 and 4 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458

5 apr. 2022
We gonna learn from our mistakes
Click to expand...
airplane-funny.gif
 
  • HaHa
  • Like
Reactions: vtqhtr413, harlan4096, [correlate] and 3 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • +Reputation
    • Wow
    • Like
Okta hit by third-party data breach exposing employee information
Replies
0
Views
878
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
upnorth
    • Like
    • +Reputation
Security News Hackers Stole Access Tokens from Okta’s Support Unit
Replies
3
Views
3,029
Security News
Gandalf_The_Grey
Gandalf_The_Grey
MuzzMelbourne
    • Wow
    • Like
    • +Reputation
Security News GitHub besieged by millions of malicious repositories in ongoing attack
Replies
4
Views
1,947
Security News
Can't Decide
C

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top