Okta confirms another breach after hackers steal source code

Okta has confirmed that it’s responding to another major security incident after a hacker accessed its source code following a breach of its GitHub repositories.
The identity and authentication giant said in a statement on Wednesday that it was informed by GitHub about “suspicious access” to its code repositories earlier this month. Okta has since concluded that hackers used this malicious access to copy code repositories associated with Workforce Identity Cloud (WIC), the organization’s enterprise-facing security solution.
“As soon as Okta learned of the possible suspicious access, we promptly placed temporary restrictions on access to Okta GitHub repositories and suspended all GitHub integrations with third-party applications,” Okta said in a statement.
When asked by TechCrunch, Okta declined to say how attackers managed to gain access to its private repositories.
Okta says there was no unauthorized access to the Okta service or customer data, and products related to Auth0 — which it acquired in 2021 — aren’t impacted. “Okta does not rely on the confidentiality of its source code for the security of its services. The Okta service remains fully operational and secure,” Okta said.
The company said that since it was alerted to the breach, it has reviewed recent access to Okta software repositories, reviewed all recent commits to Okta software repositories and rotated GitHub credentials. Okta said it has also notified law enforcement.
Okta did not explicitly say if it has the technical means, such as logs, to detect what, if any, of its own systems were accessed or what other data may have been exfiltrated.
The company’s latest incident was first reported by Bleeping Computer earlier this week, prior to Okta’s announcement.
Earlier this year, Okta was targeted by the now-notorious Lapsus$ extortion group, which gained access to the account of a customer support engineer at Sykes, one of Okta’s third-party service providers, and posted screenshots of Okta’s apps and systems. Okta experienced a second compromise in August this year after it was targeted by another hacking campaign that breached more than 100 organizations, including Twilio and DoorDash.
The post Okta confirms another breach after hackers steal source code appeared first on Ferdja.