Security News Okta's source code stolen after GitHub repositories hacked

Gandalf_The_Grey

Gandalf_The_Grey

Level 71
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
5,952
Content source
https://www.bleepingcomputer.com/news/security/oktas-source-code-stolen-after-github-repositories-hacked/
Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were hacked this month.

According to a 'confidential' email notification sent by Okta and seen by BleepingComputer, the security incident involves threat actors stealing Okta's source code.

Source code stolen, customer data not impacted

BleepingComputer has obtained a 'confidential' security incident notification that Okta has been emailing to its 'security contacts' as of a few hours ago. We have confirmed that multiple sources, including IT admins, have been receiving this email notification.

Earlier this month, GitHub alerted Okta of suspicious access to Okta's code repositories, states the notification.

"Upon investigation, we have concluded that such access was used to copy Okta code repositories," writes David Bradbury, the company's Chief Security Officer (CSO) in the email.

Despite stealing Okta's source code, attackers did not gain unauthorized access to the Okta service or customer data, says the company. Okta's "HIPAA, FedRAMP or DoD customers" remain unaffected as the company "does not rely on the confidentiality of its source code as a means to secure its services." As such, no customer action is needed.
Click to expand...
www.bleepingcomputer.com

Okta's source code stolen after GitHub repositories hacked

In a 'confidential' email notification sent by Okta and seen by BleepingComputer, the company states that attackers gained access to its GitHub repositories this month and stole the company's source code.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Wow
  • Like
  • +Reputation
Reactions: oldschool, silversurfer, Correlate and 2 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,550
does not rely on the confidentiality of its source code as a means to secure its services
Click to expand...
Sure, until the creation of backdoors start hitting their customers. :rolleyes:

Okta are no strangers in the hacked news headlight from previous this year, and wouldn't be a surprise those breaches helped the attackers also now.

malwaretips.com

Okta investigating claims of customer data breach from Lapsus$ group

Okta, a leading provider of authentication services and Identity and access management (IAM) solutions says it is investigating claims of data breach. On Tuesday, data extortion group Lapsus$ posted screenshots in their Telegram channel of what it alleges to be Okta's customer data. As...
malwaretips.com malwaretips.com
malwaretips.com

Twilio Customer Data Exposed after its Staffers got Phished

Thanks @Lament are the trackers a recent discovery? Do you have a link where I could read more on this topic, please? BTW I am using 2FAS on Android and iOS. Aegis on Android works very well too but 2FAS is just a backup app. I simply can't afford to have my TOTP tied down to a single mobile...
malwaretips.com malwaretips.com
 
  • Like
  • +Reputation
Reactions: oldschool, harlan4096, silversurfer and 3 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,550

5 apr. 2022
We gonna learn from our mistakes
Click to expand...
airplane-funny.gif
 
  • HaHa
  • Like
Reactions: harlan4096, Correlate, silversurfer and 2 others
Andrezj

Andrezj

Level 6
Nov 21, 2022
270
upnorth said:
Sure, until the creation of backdoors start hitting their customers. :rolleyes:
Click to expand...
naturally okta will harden or migrate its repos to prevent this
threat actor is more likely to try to find vulnerabilities in source code that can be exploited than try to upload a malicious embed to the new repo
upnorth said:
Okta are no strangers in the hacked news headlight from previous this year, and wouldn't be a surprise those breaches helped the attackers also now.
Click to expand...
twilio authy database got hacked, which a okta subcontractor used for 2fa, then that subcontractor got hacked using the stolen 2fa data and then one of their laptops exploited, next the hackers stole the subcontractor's okta customer service portal password and gained access to a particular area of okta customer data
this just shows that the entire supply chain is full of security weaknesses beyond your control, no matter how much due diligence you do
upnorth said:

5 apr. 2022

View attachment 271460
Click to expand...

okta probably will make significant changes as customers have left to sailpoint, cyberark - mind you these companies are susceptible to all the same things as happened to okta
 
  • Like
Reactions: oldschool

Similar threads

Gandalf_The_Grey
    • Like
    • Thanks
    • Wow
Security News Slack's private GitHub code repositories stolen over holidays
Replies
1
Views
366
Security News
upnorth
upnorth
Gandalf_The_Grey
    • Like
    • +Reputation
Security News GitHub revokes code signing certificates stolen in repo hack
Replies
0
Views
144
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Okta investigating claims of customer data breach from Lapsus$ group
Replies
9
Views
1,655
News Archive
ForgottenSeer 94654
F

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top