Okta hit by third-party data breach exposing employee info

Okta is warning almost 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached.

Okta is a San Francisco-based cloud identity and access management solutions provider whose Single Sign-On (SSO), multi-factor authentication (MFA), and API access management services are used by thousands of organizations worldwide.

The data breach notification warns of a security incident that impacted Rightway Healthcare, which offers healthcare coverage for Okta employees and their families.

On September 23, 2023, Rightway suffered a network breach, resulting in cybercriminals accessing an eligibility census file maintained for providing insurance coverage and benefit plans to eligible individuals.

The file contained the following information on current and former Okta employees and their dependents:

  • Full names
  • Social Security Numbers (SSNs)
  • Health or Medical Insurance plan number

Okta learned about the breach on October 12, 2023, when Rightway disclosed the attack, and immediately launched an investigation to determine the extent of the compromise.

According to Okta’s report to the Office of the Maine Attorney General, the breach impacted a total of 4,961 employees.

Apart from the exposure of health information, the leak of employees’ full names could be useful to cybercriminals in deriving corporate email addresses and engaging in targeted brute-forcing to hijack valuable accounts within the company.

The notice highlights twice that Okta has no evidence the personal information of those individuals has been misused.

However, the firm encloses instructions on enrolling for two-year credit monitoring, identity theft protection, and fraud protection services through Experian.

Okta shared a statement after this story was published stating that the exposed employee data was from April 2019 through 2020.

“An Okta vendor, Rightway Health, had a security incident in September 2023 during which information from April 2019 through 2020 had been exfiltrated from its IT environment,” Okta told BleepingComputer.

“These contained personal information about employees and their dependents from 2019/2020. This incident doesn’t relate to the use of Okta services and Okta services remain secure. No Okta customer data is impacted by this incident.”

Okta’s recent mishaps

Okta has suffered a series of breaches over the past two years due to social engineering attacks or credential theft.

On October 20, 2023, Okta warned that attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentials.

This exposure impacted customers of Okta, including BeyondTrust, Cloudflare, the 1Password password manager, and possibly many more.

In December 2022, Okta admitted that hackers accessed confidential information and source code stored within private GitHub repositories.

A similar hack was claimed in March 2022 by the notorious Lapsus$ threat group, this time involving customer data too, which the software vendor later admitted is real, saying it impacted 2.5% of its customers.

Although the recent incident did not impact any customers, it affects a noteworthy number of individuals and elevates the overall security risk for the company.
