Okta, an American identity and access management company, on Tuesday began investigating a digital attack after the expired group began publishing screenshots that purported to show internal data from the authentication company. The following day, David Bradbury, the company’s director of security, acknowledged that the hack occurred at the beginning of the year and may have impacted 366 customers, whose names were not disclosed.
While it is not yet known how many end users may have been affected, the announcement has raised concerns among thousands of organizations. That’s because Okta’s service is designed precisely to create a single, secure login for employees of a wide variety of top customers, such as FedEx and Moody’s.
In Bradbury’s Okta blog post, he provides a timeline beginning January 20, indicating that the company initially acted very quickly to suspend the account of a third-party Sitel employee whose credentials were used in a security breach. However, after this action, which lasted a little over an hour, the subsequent forensic analysis took more than two months.
What could happen to the 366 affected business accounts?
In his post, the CEO explains that Okta, like most SaaS (software as a service) providers, uses several outsourced companies to provide services to customers, such as Sitel. However, Bradbury points out, the access afforded to technicians at these companies is limited and does not include the ability to download customer data, although it is natural for them to want to make their own assessments.
The executive says he is disappointed with Okta’s delay in taking action on the matter, adding that he is confident “the Okta service has not been breached and no corrective action is required by our customers”.