Okta says source code for Workforce Identity Cloud service was copied – Ars Technica

Posted under Programming, Technology by James Steward

Single sign-on provider Okta said on Wednesday that software code for its Okta Workforce Identity Cloud service was copied after intruders gained access to the company’s private repository on GitHub.
“Our investigation concluded that there was no unauthorized access to the Okta service, and no unauthorized access to customer data,” company officials said in a statement. “Okta does not rely on the confidentiality of its source code for the security of its services. The Okta service remains fully operational and secure.”
The statement said that copied source code pertains only to the Okta Workforce Identity Cloud and doesn’t pertain to any Auth0 products used with the company’s Customer Identity Cloud. Officials also said that upon learning of the breach, Okta placed temporary restrictions on access to the company’s GitHub repositories and suspended GitHub integrations with third-party apps.
“We have since reviewed all recent access to Okta software repositories hosted by GitHub to understand the scope of the exposure, reviewed all recent commits to Okta software repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials,” the statement added. “We have also notified law enforcement.”
The Okta Workforce Identity Cloud provides access management, governance, and privileged access controls in a single package. Many large organizations handle these things piecemeal using manual processes. The service, which Okta introduced last month, is designed to unify and automate these processes.

The company said the attempt to breach Okta was unsuccessful and that the access the hackers gained to the third-party account didn’t allow them to create or delete users, download customer databases, or obtain password data. Lapsus$ members refuted this claim and noted that the screenshots indicated they had logged into the superuser portal, a status they said gave them the ability to reset the passwords and multifactor authentication credentials of 95 of Okta’s customers.
In August, Okta said that hackers who had recently breached security provider Twilio used their access to obtain information belonging to an unspecified number of Okta customers. Twilio disclosed the breach three weeks earlier and said it allowed the threat actor to obtain data for 163 customers. Okta said the threat actor could obtain mobile phone numbers and associated SMS messages containing one-time passwords of some of its customers.
In September, Okta revealed that code repositories for Auth0, a company it acquired in 2021, had also been accessed without authorization.
Wednesday’s disclosure of the Okta source-code copying was first reported by Bleeping Computer.