Okta Data Breach Affects All Customer Support Clients

The data breach has seen shares plummet by 11% and a market cap loss of $2 billion.

Cyber security software developer Otka has this week that the scope of its data breach in October was much bigger than initially feared.

This week, Okta wrote a letter to its customers, stating that hackers had obtained data of all clients that accessed its customer support system. The company works with 17,000 clients.

Following this attack, Okta’s shares plummeted by 11%, ultimately wiping out $2 billion in market cap. 

This latest data breach joins 2023’s long list of cyber security attacks.

Okta Data Breach Investigation

Back in October, an unidentified hacking group accessed and downloaded a report which contained the names and email addresses of all Otka’s customer support clients.

The San Francisco-based company is still investigating the events to fully understand the extent of the attack. However, it has assured it will keep customers up to date with all findings, as well as if they’ve been subject to the data breach.

Surfshark logo🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.See deal button

“We are working with a digital forensics firm to support our investigation and we will be sharing the report with customers upon completion. In addition, we will also notify individuals that have had their information downloaded,” a spokesperson confirmed.

The Okta spokesperson also confirmed that those working within the Government or Department of Defense environment have not been impacted.

Okta Support Teams Targeted

It’s said that the hackers carried out the attack using HTTP Archive files. These allow support teams to troubleshoot any technical issues by replicating customer browser activity, and are often requested by Okta teams as part of support work.

However, a statement from the company, released at the time of the breach, stated: “The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. [The archive files] can also contain sensitive data, including cookies and session tokens, that malicious actors can use to impersonate valid users”.

Okta has confirmed it has no direct knowledge or evidence that any of the stolen information is being actively exploited.

Spiraling Share Prices for Okta

Okta provides a cloud-based software solution that helps thousands of companies – including Microsoft and Mitsubishi – give employees a single point of sign on. This in itself increases the tech solution’s risk of cyber attacks, as there’s a wealth of information for hackers to be had. From here, they can get into software supply chains and access the vendor’s customer networks.

During the initial report of the breach, Okta stated that only around 130 customers had been impacted. This alone sent the company’s share price spiralling, bringing it down by 11% and wiping out $2 billion in market cap.

The user authentication platform is due to report its fiscal third-quarter earnings today, which will better articulate the extent and aftermath of the attack.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Ellis Di Cataldo (MA) has over 9 years experience writing about, and for, some of the world’s biggest tech companies. She's been the lead writer across digital campaigns, always-on content and worldwide product launches, for global brands including Sony, Electrolux, Byrd, The Open University and Barclaycard. Her particular areas of interest are business trends, startup stories and product news.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals