Authentication giant Okta had its source code taken after the company’s GitHub repository was breached, reports have claimed.
A “confidential” email message allegedly sent by Okta to their “security contacts” noted that after investigating suspicious activity they were alerted to earlier this month, the company concluded that someone copied their code repository.
The notice added that the person behind the attack did not have access to Okta’s services or customer data. Okta’s HIPAA, FedRAMP, or DoD customers are not affected by the issue and do not need to do anything at this time.
BleepingComputer further found that the issue appeared to be related to Okta’s Workforce Identity Cloud (WIC) code repository, not Auth0 Client Identity Cloud products.
Commenting on the news, Raj Samani, SVP Chief Scientist at Rapid7, said a company’s source code is quite valuable and, therefore, very important to cybercriminals.
“We know from our own research that intellectual property is a common target for threat actors, with 12% of the data disclosed between April 2020 and February 2022 potentially containing it,” Samani said. “Stolen source code can be used to find hidden security holes and launch further attacks on the business; therefore, it is important that such sensitive information is protected.”
So far, Okta has not publicly confirmed or denied the breach, but the incident is the latest to affect the company in 2022.
In March, the notorious blackmail group Lapsus$ claimed to have breached Okta’s admin dashboard and stolen customer data.
And in September, Auth0 (owned by Okta) reported a similar incident, when a “third-party individual” stole the old source code. The method was never established, so it is not known whether any malware was involved.
Via: BleepingComputer