Okta's source code stolen

[erek]

After a GitHub intrusion, the repositories were unveiled / leaked.

"As soon as Okta learned of the possible suspicious access, we promptly placed temporary restrictions on access to Okta GitHub repositories and suspended all GitHub integrations with third-party applications.

We have since reviewed all recent access to Okta software repositories hosted by GitHub to understand the scope of the exposure, reviewed all recent commits to Okta software repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials. We have also notified law enforcement.

Additionally, we have taken steps to ensure that this code cannot be used to access company or customer environments. Okta does not anticipate any disruption to our business or our ability to service our customers as a result of this event.

Note: The security event pertains to Okta Workforce Identity Cloud (WIC) code repositories. It does not pertain to any Auth0 (Customer Identity Cloud) products.

We have decided to share this information consistent with our commitment to transparency and partnership with our customers."

Source: https://www.bleepingcomputer.com/ne...code-stolen-after-github-repositories-hacked/

 

[Zarathustra[H]]

I'm not familiar with Okta. What do they do?

My Google search results suggest something to do with authentication, but are a little vague beyond that.

 

[Eymar]

From my understanding, basically one of the bigger single sign on (SSO) services that most businesses use. Regardless of cause/scope means a lot of headaches for IT as bunch of login sessions may need to be invalidated and services (photoshop, office 360, slack, etc.) that end users normally didn't have to have username/password may need it on a per user basis until a new SSO is setup for company.

 

[Lakados]

I'm not familiar with Okta. What do they do?

My Google search results suggest something to do with authentication, but are a little vague beyond that.

Their basically an MDM, they gave me a sales pitch a few years back, they were too expensive for me and didn’t offer me anything I wasn’t already doing and couldn’t get rid of.

 

[MrGuvernment]

From my understanding, basically one of the bigger single sign on (SSO) services that most businesses use. Means a lot of headaches for IT as bunch of login sessions may need to be invalidated and services (photoshop, office 360, slack, etc.) that end users normally didn't have to have username/password may need it on a per user basis until a new SSO is setup for company.

Nope, they said none of that is affected and no client data or that side of the business was affected.
But, we also know companies always down play events like this, and considering Okta's track record this year, and their industry they work in, I will be sure to steer clients away from using them where ever possible because they clearly have some major security holes in their company.

 

[Zarathustra[H]]

From my understanding, basically one of the bigger single sign on (SSO) services that most businesses use. Means a lot of headaches for IT as bunch of login sessions may need to be invalidated and services (photoshop, office 360, slack, etc.) that end users normally didn't have to have username/password may need it on a per user basis until a new SSO is setup for company.

Thanks, I figured since I hadn't run into them that they had to be one of those backend service providers that I was probably indirectly using without knowing it.

Appreciate the confirmation.

 

[Eymar]

Nope, they said none of that is affected and no client data or that side of the business was affected.
But, we also know companies always down play events like this, and considering Okta's track record this year, and their industry they work in, I will be sure to steer clients away from using them where ever possible because they clearly have some major security holes in their company.

Yeah meant in general, not regarding this specific incident. Though this particular incident is the kind that some IT\Security teams will use as extra precaution, highlight the need for their team, flex power by making life harder through invaliding SSO login sessions, require new passwords, etc. in the name of security.