1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Okta says its source code was stolen after hack

    From TechnologyDaily@1337:1/100 to All on Wed Dec 21 12:30:03 2022
    Okta says its source code was stolen after hack

    Date:
    Wed, 21 Dec 2022 12:15:04 +0000

    Description:
    There's been no public statement from Okta yet, but it has reportedly
    notified its "security contacts" of the incident.

    FULL STORY ======================================================================

    Authentication giant Okta has had its source code taken after GitHub repositories belonging to the company were breached, reports have claimed.

    A confidential email notification allegedly sent by Okta to its security contacts noted that after investigating suspicious activity it had been alerted to earlier this month, the company had concluded that someone copied its code repositories.

    Whoever was behind the attack did not access Okta's services, or customer data, the notification further reads. Okta's HIPAA, FedRAMP or DoD customers have not been affected by the incident, and do not need to do anything at
    this point. Popular targets

    BleepingComputer further found that the incident seems to be related to the Okta Workforce Identity Cloud (WIC) code repositories, but not Auth0 Customer Identity Cloud products.

    Commenting on the news, Raj Samani, SVP Chief Scientist at Rapid7, said a company's source code is quite valuable, and as such, important to cybercriminals.

    "From our own research, we know that intellectual property is a popular
    target for threat actors with 12% of data disclosuresbetween April 2020 and February 2022 containing it," Samani said. "Stolen source code can be used to find hidden security vulnerabilities and launch further attacks on a
    business; therefore, it is crucial that such sensitive information is protected. Read more

    Everything we know about Lapsus$ and Okta so far


    Okta confirms hundreds of customers could be affected by data breach


    These are the best firewalls today

    So far, Okta is yet to publicly confirm or deny the breach, but the incident is the latest to affect the company in 2022.

    In March, notorious extortion group Lapsus$ announced it had breached Oktas administrative consoles and stole customer data.

    And in September, Auth0 (owned by Okta) reported a similar incident, when a third-party individual managed to steal old source code. The method was never established, so it isn't known if any malware was involved. Here is our rundown of the best endpoint protection solutions around

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/okta-says-its-source-code-was-stolen-after-hack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)