A dump allegedly containing data stolen from Okta during an attack in October 2023 was put up for sale on a hacker forum. The company stated that this data does not belong to it.

Recall that the attack on Okta, a large supplier of access and identity management systems, became known in the fall of 2023. As the investigation showed, this incident, associated with the hacking of the company’ ;s customer support system, allowed hackers to gain access to the data of all Okta customers.

In particular, attackers have fallen into the hands of HTTP Archive (HAR) files, which are needed to reproduce errors encountered by users and are used in troubleshooting various problems. These files may contain sensitive data, including cookies and session tokens, which could ultimately be used by hackers to take over Okta customer accounts.

It is known that large companies such as identity management company BeyondTrust, Cloudflare and password manager 1Password were among the victims.

Over the weekend, a hacker going by the name Ddarknotevil said he was releasing an Okta database containing information about 3,800 of the company’s customers that was stolen in last year’s hack .

Hackers sell Okta data on the dark web, unrelated to last year's attack.

According to him, the leak includes user IDs, full names, company names, office addresses, phone numbers, email addresses, titles, roles and other information.

Bleeping Computer contacted Okta to find out if this leak is indeed related to the October incident (or some other unknown hack). In response, the company stated that the data posted by the hacker did not belong to it at all and, apparently, was taken from open sources.

“This data does not belong to Okta and is not related to the October 2023 incident. We cannot determine the source of this data or its accuracy, but we have noticed that some fields contain dates that are more than ten years old. We suspect that this information was collected from open sources on the Internet,” the company says.

A representative from Okta assured reporters that the company’s IT specialists thoroughly checked all systems over the weekend and found no evidence of a new hack.

KELA specialists also examined the data provided and independently confirmed that they do not belong to Okta. This dump is believed to be related to another unnamed company hacked in July 2023.

0 / 5

Your page rank:


Subscribe: YouTube page opens in new windowLinkedin page opens in new windowTelegram page opens in new window

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment