Cybersecurity firm Okta lost $2 billion in market cap as data breach woes deepen

Single-sign-on cybersecurity firm Okta has lost more than $2 billion from its market valuation since it revealed a breach of its support systems last Friday. This isn’t the first time Okta has been targeted by hackers; its source codes were stolen last October due to a GitHub repository hack.

Last week’s data breach is just the latest in a series of notable incidents associated with Okta and its products. This includes a string of intrusions at casinos that disrupted Las Vegas hotel operations for several days. On October 19, Okta reported that it had detected adversarial activity accessing their support case system, where hackers gained access to files containing session cookies and tokens, which could be used for impersonation. BeyondTrust initially spotted this activity before Okta informed affected customers.

Following the announcement of the unidentified hacking group’s access to client files through a support system, Okta’s shares tumbled more than 11% on Friday. The company has not disclosed further details beyond technical identifiers, leading to a further 8.1% drop in the stock’s value on Monday, CNBC reported.

While Okta may not be a household name, it plays a critical role in the cybersecurity systems of major corporations. The identity management company serves over 18,000 customers, offering a single login point for various platforms used by these organizations. For instance, Zoom utilizes Okta to provide seamless access to Google Workspace, ServiceNow, VMware, and Workday platforms.

Okta has stated that it communicated with all impacted clients following Friday’s announcement. Notably, at least one of these clients had previously alerted Okta to a potential breach weeks prior.

In a separate statement, privately held identity management firm BeyondTrust revealed that its security teams detected an identity-centric attack on an in-house Okta administrator account on October 2, 2023. BeyondTrust managed to detect and resolve the attack using its Identity Security tools, ensuring no impact or exposure to its infrastructure or customers. However, Okta did not initially classify the incident as a breach, despite concerns raised by BeyondTrust about the likelihood of compromise within Okta support and the potential impact on other customers.

“On October 2nd, 2023, the BeyondTrust security teams detected an identity-centric attack on an in-house Okta administrator account. We immediately detected and remediated the attack through our own Identity Security tools, resulting in no impact or exposure to BeyondTrust’s infrastructure or to our customers. The incident was the result of Okta’s support system being compromised which allowed an attacker to access sensitive files uploaded by their customers,” BeyondTrust wrote.

Founded in 2009 by Todd McKinnon and Frederic Kerrest, Okta is a cybersecurity firm renowned for delivering identity and access management solutions, facilitating secure and seamless access to various digital services and platforms for organizations.