Okta breach: All customer support users' data stolen

Okta, one of the leaders in providing identity and access management (IAM) solutions, has discovered new information about a security incident in October 2023. The incident affected Okta’s customer support management system, the Okta Help Center. As a result, there is potential for further impact on the security of Okta’s customers.

What is Okta?

Okta specializes in providing identity management solutions for various businesses, both small and large, offering a centralized sign-on point for employees. This makes Okta an attractive target for hackers seeking to exploit vulnerabilities or misconfigurations to access multiple targets.

Okta has confirmed that the recent data breach did not impact customers operating in government or Department of Defense environments. Okta is currently working with a digital forensics firm to investigate the incident. Once the investigation is concluded, Okta intends to share the investigative report with its customers and notify individuals whose data was downloaded.

We are working with a digital forensics firm to support our investigation and we will be sharing the report with customers upon completion. In addition, we will also notify individuals that have had their information downloaded.

: a spokesperson said in a statement to CNBC.

Okta has stated that the report contains mostly blank fields and does not contain any sensitive personal data or user credentials. For 99.6% of users in the report, only their full name and email address are recorded as contact information. While this does not definitively prove that important credentials were not lost, it does indicate that the likelihood of such an event occurring is only for a few people.

Initially, Okta had disclosed that approximately 130 customers were affected by the breach. This announcement led to a significant drop in Okta’s share price, causing a decrease in market capitalization of approximately $2 billion.