Hackers have breached Okta’s repositories hosted on GitHub and stolen bits of source code for Okta Workforce Identity Cloud (WIC), according to a report by BleepingComputer.
Besides the obvious problem of stolen source code, there’s always the issue of a third party obtaining direct access to the repositories. It could allow hackers to make changes to the source code, inserting backdoors or other malicious code.
According to BleepingComputer, Okta sent a confidential notice to its security contacts, saying that GitHub informed them about suspicious activities in its repositories and that the access was used to copy data.
Even if the investigation revealed that the hackers seemed to have only copied the data, the company had to make sure that no tampering took place.
“We have since reviewed all recent access to Okta software repositories hosted by GitHub to understand the scope of the exposure, reviewed all recent commits to Okta software repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials. We have also notified law enforcement,” explained the company.
“As soon as Okta learned of the possible suspicious access, we promptly placed temporary restrictions on access to Okta GitHub repositories and suspended all GitHub integrations with third-party applications,” Okta added.
The company was also keen to underline that the hack didn’t affect the HIPAA, FedRAMP or DoD customers.
Unfortunately for the company, this is not the first time it’s fallen victim. In April 2021, Okta was one of the many companies affected by the wave of LAPSUS$ attacks, alongside Microsoft, NVIDIA, Ubisoft, Samsung and others.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsNovember 14, 2024
September 06, 2024