时间:2025-04-26 17:44:26 来源:网络整理编辑:熱點
Okta, the San Francisco-based identity and access management company, reported a security breach on
Okta, the San Francisco-based identity and access management company, reported a security breach on Friday. Hackers gained access to private customer information through its customer support management system.
In a site-wide announcement, Okta Chief Security Officer David Bradbury revealed that hackers viewed content uploaded by some Okta customers related to recent support cases. These files, known as HTTP archive (HAR) files, help support personnel replicate customer browser activity for troubleshooting.
SEE ALSO:23andMe may have suffered yet another breach – your data is in jeopardy"HAR files can also contain sensitive data, including cookies and session tokens, that malicious actors can use to impersonate valid users," Bradbury said.
Bradbury did not disclose how the credentials were stolen nor if two-factor authentication was in place for the compromised support system. To mitigate the damage, Okta revoked embedded session tokens and advised customers to sanitize credentials within HAR files before sharing.
According to Arstechnica, the initial hack was stopped by security firm BeyondTrust, which alerted Okta to suspicious activity about a month ago. However, due to some flaws within Okta's security model, some actions were still carried out by malicious actors.
Bradbury confirmed that all affected customers have been informed. He also provided IP addresses and browser user agents associated with the hackers for further investigation. He also added that Okta's main production service and Auth0/CIC case management system remain unaffected.
Okta has had its fair share of hacker troubles lately. In March 2022, a group called Lapsus$ accessed an Okta admin panel, allowing them to reset customer passwords and authentication credentials. In December of that same year, Okta's source code was stolen from a GitHub account.
TopicsCybersecurity
Samsung Galaxy Note7 teardown reveals the magic behind the phone's iris scanner2025-04-26 17:35
菲仕樂與天貓超級品牌日再度聯手,傳統廚具零售創新營銷加碼2025-04-26 17:29
小八卦,趙露思,趙今麥,劉亦菲 ,蔣依依2025-04-26 17:00
玄俠劇《水龍吟》陣容官宣,華彩匠心塑造東方武俠世界2025-04-26 16:54
Airbnb activates disaster response site for Louisiana flooding2025-04-26 16:47
GAI爺最新單曲曝光 《中國驚奇先生》手遊主題曲燃爆冬日2025-04-26 16:31
東方物語“地球護衛隊Odyssey”“動次元”偶像力max2025-04-26 15:57
《唐朝詭事錄》定檔 ,郭靖宇監製 ,楊誌剛主演 ,特效大劇 ,爆款相2025-04-26 15:53
We asked linguists if Donald Trump speaks like that on purpose2025-04-26 15:53
影橙傳媒旗下小藝人欒雨澤拍攝微電影2025-04-26 15:38
Carlos Beltran made a very interesting hair choice2025-04-26 17:37
玄俠劇《水龍吟》陣容官宣,華彩匠心塑造東方武俠世界2025-04-26 17:28
馮提莫不敢簽花椒內幕揭秘:袁小征《在人間》太圈粉!2025-04-26 17:28
EDC首進中國定名雛菊電音嘉年華 發布會現場啟動主題曲海選計劃2025-04-26 17:25
Katy Perry talks 'Rise,' her next batch of songs, and how to survive Twitter2025-04-26 17:14
聚劃算搶攤新零售主陣地 ,正能量聚眾同行2025-04-26 16:55
群星助力CHIC十周年風尚大典 燃爆濟南奧體中心2025-04-26 16:55
獨家!春晚再添年輕陣容:楊洋陳偉霆張藝興獲邀2025-04-26 16:31
New Zealand designer's photo series celebrates the elegance of aging2025-04-26 15:58
《奔跑吧》閃耀微博之夜 攜手微博釋放優質IP價值2025-04-26 15:52