Okta hackers stole data on all customer support users in major breach

In this photo illustration, an Okta logo is displayed on a smartphone.

Rafael Henrique | SOPA Images | LightRocket | Getty Images

Hackers who compromised Okta’s customer support system stole data from all of the cybersecurity firm’s customer support users, Okta said in a letter to clients obtained by CNBC Tuesday, a far greater incursion than the company initially believed.

The news sent shares down as much as 7% in pre-market trading on Wednesday morning, although the stock recovered after Okta posted earnings that beat estimates. The company had originally been expected to report earnings after the bell, but moved its report up to the morning shortly after it disclosed the expanded breach in a blog post filed with the SEC.

The company reported adjusted earnings per share of 44 cents, better than the 30 cents analysts surveyed by LSEG, formerly Refinitiv, were expecting. Revenue for the third quarter came in at $584 million, better than the consensus estimate of $563 million.

The expanded scope opens customers up to the risk of heightened attacks or phishing attempts, Okta warned. An Okta spokesperson told CNBC that customers in government or Department of Defense environments were not impacted by the breach.

There is no “direct evidence” that the unidentified hackers are using the data they extracted to target customers, Okta said in the letter. 99.6% of those customers had an email and full name leaked, the letter notes.

“We are working with a digital forensics firm to support our investigation and we will be sharing the report with customers upon completion. In addition, we will also notify individuals that have had their information downloaded,” a spokesperson said in a statement to CNBC.

Nonetheless, Okta provides identity management solutions for thousands of small and large businesses, allowing them to give employees a single point of sign on. It also makes Okta a high-profile target for hackers, who can exploit vulnerabilities or misconfigurations to gain access to a slew of other targets.

In the high-profile attacks on MGM and Caesars, for example, threat actors used social engineering tactics to exploit IT help desks and target those company’s Okta platforms. The direct and indirect losses from those two incidents exceeded $100 million, including a multi-million dollar ransom payment from Caesars.

Bloomberg first reported on the letter to Okta customers.

Okta first disclosed that its customer support system had been hacked but said at the time that around 130 customers were impacted by the breach. The news sent the company’s share price down more than 11% and ultimately wiped out around $2 billion in market cap.

Leave a Reply

Your email address will not be published. Required fields are marked *