Blog - Cyber Security Informer

okta-data-breach-users-exposed

Blog

All Customer Support System Users Exposed in The Okta Data Breach

Heimadal Security

NOVEMBER 29, 2023

The ongoing Okta data breach investigation brings new details to light. The company announced that hackers have accessed data from every user of Okta’s customer support system.

Data breaches

Data breaches Cybersecurity

Okta’s Breach Highlights Risk of Putting Crown Jewels in the Cloud

Security Boulevard

MARCH 24, 2022

Identity credentials and source code are critical assets that can create major risks for your organization when exposed by breaches of third-party cloud service companies that provide identity management and software composition analysis. Making matters worse, a known Ransomware group claimed credit for the breach.

Risk

Risk Software Engineering Passwords

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Multiple trusted sources told KrebsOnSecurity that Sosa/King Bob was a core member of a hacking group behind the 2022 breach at Twilio , a company that provides services for making and receiving text messages and phone calls. 0ktapus often leveraged information or access gained in one breach to perpetrate another. According to an Aug.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

LAPSUS$ Cyber Crime Spree Nabs Microsoft, Okta, NVIDIA, Samsung

eSecurity Planet

MARCH 24, 2022

The LAPSUS$ threat group has had an attention-grabbing month, snaring high-profile victims like Microsoft, Okta , NVIDIA, Samsung and others. On March 22, Microsoft confirmed a substantial breach by the LAPSUS$ hacking group. The Victims: Microsoft, Okta, and Many Others. It’s unknown what data was compromised.

Social Engineering

Social Engineering Engineering Data breaches Hacking

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

The Last Watchdog

MARCH 1, 2023

However, unlike passwords intended for a single user, secrets must be distributed. Someone stole its source code which exposed development credentials and keys. Later in December, LastPass revealed that an attacker had used the stolen source code to access and decrypt customer data. In January 2023, CircleCI was breached.

Authentication

Authentication CISO Passwords Software

A Closer Look at the LAPSUS$ Data Extortion Group

Krebs on Security

MARCH 23, 2022

Microsoft and identity management platform Okta both this week disclosed breaches involving LAPSUS$ , a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish it unless a ransom demand is paid. In a blog post published Mar.

Social Engineering

Social Engineering Accountability Mobile Passwords

Remote Desktop: You’re Opening the Floodgates for Hackers

Security Boulevard

APRIL 16, 2021

This blog post was originally created by Jeremy Rasmussan, Chief Technology Officer at Abacode. Read the original blog here. . RDP is the Microsoft proprietary client-server protocol that allows users to connect to remote systems over the network. Once is a fluke. Twice a pattern. What is RDP? How are they attacking it?

Firewall

Firewall Passwords Authentication Accountability

5 SaaS security best practices

Malwarebytes

DECEMBER 8, 2022

While SaaS is without a doubt the easiest and most accessible way for businesses to reap the benefits of the cloud, these services are delivered online—which can make it easier for data leaks to happen or threat actors to get a hold of sensitive data. Not only does SaaS sprawl waste money, but it has security risks as well.

Data breaches

Data breaches Malware Firewall Risk

The 773 Million Record "Collection #1" Data Breach

Troy Hunt

JANUARY 16, 2019

Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". It's made up of many different individual data breaches from literally thousands of different sources. This number makes it the single largest breach ever to be loaded into HIBP.

Data breaches

Data breaches Passwords Password Management Accountability

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

Mobile devices exposed to wide attacks. Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor. One of the major cyber-incidents of 2022 took place early this year: the Okta hack.

Firmware

Firmware Surveillance Mobile Telecommunications

All Customer Support System Users Exposed in The Okta Data Breach

Okta’s Breach Highlights Risk of Putting Crown Jewels in the Cloud

Webinars

Trending Sources

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Webinars

LAPSUS$ Cyber Crime Spree Nabs Microsoft, Okta, NVIDIA, Samsung

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

A Closer Look at the LAPSUS$ Data Extortion Group

Remote Desktop: You’re Opening the Floodgates for Hackers

5 SaaS security best practices

The 773 Million Record "Collection #1" Data Breach

Advanced threat predictions for 2023

Stay Connected