Okta reportedly confirms code breach. Reports of a GitHub breach of Okta code have now been confirmed.
Okta Reportedly Confirms Code Breach
Authentication firm Okta has now confirmed recent claims and reports of a data breach thus affecting its internal code.
The company in a press release repeated the points that were given in a confidential email that was shared with its security contacts namely that someone managed to get access to the GitHub repository of the company which is a breach of which the company was notified of in the early part of December this year.
Okta after investigating the issue concluded that someone has copied the source code parked in the repository and then moved to secure its premises by putting temporary restrictions and then suspending all GitHub integrations with third-party applications.
Further investigation by the company uncovered that the customers of Okta customers were not affected by the incident, thus including that HIPAA, FedRAMP, and DoD customers, therefore, are not required to do anything. “Okta does not rely on the confidentiality of its source code for the security of its services,” the announcement states. “The Okta service remains fully operational and secure.”
The Breach Pertains To the Workforce Identity Cloud (WIC) Code Repositories of Okta
The said breach pertains to the Workforce Identity Cloud (WIC) code repositories of Okta; the firm confirmed thus adding that it does not really pertain to any Auth0 (Customer Identity Cloud) products.
The announcements however conclude that law enforcement agencies have been notified of the incident. Raj Samani, SVP Chief Scientists at Rapid7 when commenting on the news said a company’s source code is quite valuable and as such, also important to cybercriminals.
“From our own research, we know that intellectual property is a popular target for threat actors with 12% of data disclosures between April 2020 and February 2022 containing it,” Samani stated. “Stolen source code can be used to find hidden security vulnerabilities and launch further attacks on a business; therefore, it is crucial that such sensitive information is protected.”
This Is Not the First Incident of Its Kind at Oka
This is not the first rodeo of Oka. Notorious extortion group Lapsus$ back in March announced that it had breached the administrative consoles of Okta and had also stolen customer data.
Auth0 which is reportedly owned by Okta back in September reported a more similar issue when a third-party individual managed to get his hands on old source code. The method as to how it happened was never established; as it is still very much unknown if any type of malware was involved.