Okta hit again by another breach; 5,000 Okta employees’ data stolen in third-party vendor breach
It appears that Okta’s persistent security problem is not going away anytime soon. The identity and authentication management provider was recently hit by another breach. This time, hackers breached a third-party vendor which led to the theft of personal information belonging to 5,000 Okta employees.
According to a report by Arstechnica, the breach took place in late September through Rightway Healthcare, a service utilized by Okta to aid employees and their dependents in accessing healthcare providers and plan rates. An unidentified threat actor accessed Rightway’s network and absconded with an eligibility census file maintained for Okta. Despite learning about the breach and data theft on October 12, Okta disclosed the incident three weeks later, on a Thursday, the report says.
The news follows last month’s report that the Okta data breach had spread to Cloudflare and 1Password. A day earlier, the single-sign-on cybersecurity firm confirmed that hackers had gained access to its system using stolen tokens and credentials from its support unit. Now, the incident has spread to network and security giant Cloudflare and password manager maker 1Password.
In a letter sent to affected Okta employees, the company outlined the contents of the compromised file, which included personal information such as names, Social Security numbers, and health or medical insurance plan numbers. The letter assured that there’s no evidence suggesting misuse of this personal information against the affected individuals.
“The types of personal information contained in the impacted eligibility census file included your Name, Social Security Number, and health or medical insurance plan number,” a letter sent to affected Okta employees stated. “We have no evidence to suggest that your personal information has been misused against you.”
The disclosure highlighted that an investigation was promptly initiated by Okta upon discovery of the breach. The investigation revealed that data from 4,961 Okta employees was among the pilfered information.
According to Okta, information from Rightway indicated that the intruder initially gained access through a Rightway employee’s cell phone, allowing them to change credentials and access the files. The files containing data from April 2019 through 2020 were taken from Rightway’s IT environment. The exposed personal information pertained to Okta employees and their dependents from the years 2019 and 2020. Furthermore, Okta was informed by Rightway that the breach involved multiple customers of the service provider.
“This incident does not relate to the use of Okta services and Okta services remain secure,” the representative said. “No Okta customer data is impacted by this incident.”
While Okta may not be a household name, it plays a critical role in the cybersecurity systems of major corporations. The identity management company serves over 18,000 customers, offering a single login point for various platforms used by these organizations. For instance, Zoom utilizes Okta to provide seamless access to Google Workspace, ServiceNow, VMware, and Workday platforms.
Founded in 2009 by Todd McKinnon and Frederic Kerrest, Okta is a cybersecurity firm renowned for delivering identity and access management solutions, facilitating secure and seamless access to various digital services and platforms for organizations.