vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Okta’s Support System Breach Exposes Customer Data

By Keira Waddell, Former Senior Writer. Published on 24 October 2023.

Okta, a leading identity and access management provider, has disclosed a breach of its customer support system that exposed customer data. According to the disclosure on October 19, an attacker used a stolen credential to get into the system and view files that customers had uploaded, some of which contained sensitive information.

According to Okta’s Chief Security Officer David Bradbury, the attacker accessed the support case management system, which allowed them to view files that Okta customers had uploaded as part of recent support cases. That system is separate from Okta’s production service, which was not affected, but the intrusion still raised the alarm because of what those support files can contain.

The main concern was the exposure of HTTP Archive (HAR) files. A HAR file is a JSON recording of a browser’s network traffic that support teams ask customers to capture while reproducing a problem. Because it includes the full request and response headers, it typically contains cookies, bearer tokens, and session tokens. An attacker who obtains an unexpired token from such a file can replay it to impersonate the customer’s user and act in their account without knowing the password or passing MFA.

Okta said it worked with affected customers to revoke the session tokens embedded in the uploaded files, and advised customers to sanitize HAR files, removing cookies and session tokens, before sharing them with support.
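The sanitization step described above is easy to get wrong by hand, because a HAR file carries session material in several places: request and response headers, the separate cookies arrays, query parameters, and token-bearing bodies. The following Python script is an added example written for this article; it is not Okta’s tooling or the author’s code. The sample HAR, the header and cookie names, and the list of query parameters treated as sensitive are constructed assumptions, not taken from the incident. It redacts the session material, then audits the result so the uploader can confirm nothing remains before attaching the file to a support case.

```python
"""Redact cookies, credentials and session tokens from a HAR file before it is
attached to a support case. Added example for this article; it is not Okta's
or the author's code. The sample HAR, header and cookie names, and the query
parameter list are constructed assumptions, not taken from the incident."""
import copy
import json
import re
import sys

REDACTED = "[REDACTED]"
# Header names that carry credentials or session state (matched case-insensitively).
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie",
                     "set-cookie", "x-api-key"}
# Query-string parameters that commonly carry tokens (assumed list; extend as needed).
SENSITIVE_PARAMS = {"token", "access_token", "sessiontoken", "code"}
# Anything shaped like a JWT (three base64url segments) inside a body.
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]{5,}\.[A-Za-z0-9_-]{5,}\.[A-Za-z0-9_-]{5,}")


def _messages(har):
    """Yield (entry index, side, message dict) for every request and response."""
    for i, entry in enumerate(har.get("log", {}).get("entries", [])):
        for side in ("request", "response"):
            yield i, side, entry.get(side, {})


def _body(side, msg):
    # HAR keeps request bodies under postData.text and response bodies under content.text.
    return msg.get("postData") if side == "request" else msg.get("content")


def sanitize_har(har):
    """Return a deep copy of `har` with session material redacted; the input is untouched."""
    har = copy.deepcopy(har)
    for _, side, msg in _messages(har):
        for h in msg.get("headers", []):
            if h.get("name", "").lower() in SENSITIVE_HEADERS:
                h["value"] = REDACTED
        # Redact every cookie value: any of them may be the session cookie.
        for c in msg.get("cookies", []):
            c["value"] = REDACTED
        for p in msg.get("queryString", []):
            if p.get("name", "").lower() in SENSITIVE_PARAMS:
                p["value"] = REDACTED
        body = _body(side, msg)
        if body and isinstance(body.get("text"), str):
            body["text"] = JWT_RE.sub(REDACTED, body["text"])
    return har


def audit_har(har):
    """List locations that still hold session material; an empty list means safe to upload."""
    findings = []
    for i, side, msg in _messages(har):
        for h in msg.get("headers", []):
            if h.get("name", "").lower() in SENSITIVE_HEADERS and h.get("value") != REDACTED:
                findings.append(f"entry {i} {side} header {h['name']}")
        for c in msg.get("cookies", []):
            if c.get("value") != REDACTED:
                findings.append(f"entry {i} {side} cookie {c.get('name')}")
        for p in msg.get("queryString", []):
            if p.get("name", "").lower() in SENSITIVE_PARAMS and p.get("value") != REDACTED:
                findings.append(f"entry {i} {side} query param {p['name']}")
        body = _body(side, msg)
        if body and isinstance(body.get("text"), str) and JWT_RE.search(body["text"]):
            findings.append(f"entry {i} {side} body contains a JWT")
    return findings


# Constructed sample: one authenticated API call whose capture leaks a session
# cookie, a bearer token and a session token in the response body, plus one
# harmless request that must pass through unchanged.
SAMPLE_JWT = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyMSJ9.c2lnbmF0dXJlX2J5dGVz"
SAMPLE_HAR = {"log": {"version": "1.2", "entries": [
    {"request": {"method": "GET", "url": "https://example.okta.com/api/v1/users/me",
                 "headers": [{"name": "Cookie", "value": "sid=102abc; DT=xyz"},
                             {"name": "Authorization", "value": "Bearer " + SAMPLE_JWT}],
                 "cookies": [{"name": "sid", "value": "102abc"}],
                 "queryString": []},
     "response": {"status": 200,
                  "headers": [{"name": "Set-Cookie", "value": "sid=102abc; Secure; HttpOnly"}],
                  "cookies": [{"name": "sid", "value": "102abc"}],
                  "content": {"mimeType": "application/json",
                              "text": json.dumps({"sessionToken": SAMPLE_JWT})}}},
    {"request": {"method": "GET", "url": "https://example.okta.com/favicon.ico",
                 "headers": [{"name": "Accept", "value": "image/*"}],
                 "cookies": [], "queryString": []},
     "response": {"status": 200, "headers": [], "cookies": [],
                  "content": {"mimeType": "image/x-icon"}}},
]}}


if __name__ == "__main__":
    # Usage: python har_scrub.py in.har out.har
    src, dst = sys.argv[1], sys.argv[2]
    with open(src) as f:
        clean = sanitize_har(json.load(f))
    with open(dst, "w") as f:
        json.dump(clean, f, indent=2)
    print("remaining findings:", audit_har(clean) or "none")
```

The audit is deliberately separate from the redaction: run it on the file you are about to upload, not on the one you think you cleaned, and refuse to attach anything that returns findings. Redaction only limits exposure for future captures; tokens already sitting in old support cases still need to be revoked, which is what Okta said it did for affected customers.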

BeyondTrust, an Okta customer, provided additional detail on the incident, saying it detected the attack on October 2, 2023 and reported it to Okta immediately, yet Okta took over two weeks to confirm the breach. Cloudflare, also affected, confirmed that an attacker used an authentication token stolen from Okta’s support system in an attempt to access its environment.

The incident was first reported by security journalist Brian Krebs, who wrote that Okta had contained the intrusion by October 17, citing the company’s deputy chief information security officer, Charlotte Wylie.

This breach adds to a string of security incidents involving Okta over the past couple of years, including intrusions by the Lapsus$ and Scatter Swine groups that resulted in data exposure, and the theft of source code repositories from Okta’s subsidiary Auth0. The repetition of such incidents has fed growing skepticism about Okta’s security practices and its ability to safeguard customer data.

About the Author

Keira was a senior writer at vpnMentor. She is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.
