A September hack of popular identity management firm Okta was far more extensive than previously known and saw the hackers steal data on all users in Okta’s customer support system, the company revealed Wednesday.
The admission is a stark contrast to Okta’s statement earlier this month, which said the company had determined, after finalizing an investigation, that the incident affected less than 1% of the more than 18,000 customers around the world that use Okta’s tools to log into their networks.
San Francisco-based Okta said it doesn’t have “direct knowledge or evidence” that the information stolen in the latest breach is being actively exploited by hackers. But chief security officer David Bradbury conceded in a blog post that the information could be used “to target Okta customers via phishing or social engineering attacks.”
It’s unclear who was behind the hack. An Okta spokesperson told CNN that the company does not plan to publicly blame a specific hacking group for the incident, which was disclosed in October.
The vast majority of the information stolen by the hackers involved names and email addresses of customers, according to Okta.
It’s the latest blow to a key cybersecurity provider that government agencies and corporations place a great amount of trust in as they try to keep cybercriminals and spies out of their networks. Last January, a prolific group of young cybercriminals breached Okta via one of the firm’s vendors in a separate security incident that was far smaller in scope, potentially affecting up to 366 customers, according to Okta.
Okta’s stock plunged Wednesday morning amid the news of the latest cybersecurity incident but has since rebounded a bit.