Saturday, November 23, 2024
ad
HomeNewsThird Breach of 2022 Results in Okta Source Code Theft from GitHub

Third Breach of 2022 Results in Okta Source Code Theft from GitHub

Okta, an authentication service provider, witnessed a major source code theft in the third GitHub breach of the year, compromising Okta’s Workforce Identity Cloud repositories hosted on GitHub. 

As per an email notification by Okta, GitHub notified the company of anonymous and suspicious activity in its source code repositories in early December, wherein anonymous actors duplicated some repositories containing Okta’s source code. However, no infrastructural or customer data was reportedly affected. 

Nevertheless, Okta source code theft can potentially impact the organization in two ways. It can expose how the organization works internally on software products and web-based platforms. Additionally, it can inadvertently leak passwords or other confidential information within the source code, which Toyota also witnessed in October 2022.

Read More: Poe: a New AI Platform Launched by Quora for Answering Questions

After being notified, Okta restricted its GitHub access and suspended all sorts of integrations with third-party applications. The authorities notified that no customer action or service would be terminated–they are operational and secure. 

Okta wrote, “We have taken steps to ensure that this code cannot be used to access company or customer environments.” The company is, unfortunately, an attractive target for source code theft, given its access management products and services with a solid consumer base of over 17,000 people. In fact, there is a phishing campaign called Oktapus, which intends threat actors to try compromising Okta credentials and 2FA (two-factor authentication) code.

Okta has also suffered other cyber attacks in 2022. In January, it was targeted by the Lapsus$ extortion group, compromising over 2.5% of Okta customers. Later in September, the company suffered a break of Auth0 code repositories.

Subscribe to our newsletter

Subscribe and never miss out on such trending AI-related articles.

We will never sell your data

Join our WhatsApp Channel and Discord Server to be a part of an engaging community.

Disha Chopra
Disha Chopra
Disha Chopra is a content enthusiast! She is an Economics graduate pursuing her PG in the same field along with Data Sciences. Disha enjoys the ever-demanding world of content and the flexibility that comes with it. She can be found listening to music or simply asleep when not working!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular