Okta confirms another breach occurred after hackers stole source code • TechCrunch

Okta has confirmed it is responding to another security incident following a breach in which a hacker accessed its source codes github warehouses.

The identity and authentication giant claimed in a statmentGitHub reported on Wednesday that it had experienced “suspicious access to its code repositories” earlier in the month. Okta discovered that the hackers had gained malicious access to its code repositories. This was in connection with Workforce Identity Cloud (WIC), an enterprise-facing security system.

Okta released a statement saying that Okta was made aware of the suspicious access.

TechCrunch asked Okta how the attackers got access to its private repositories.

Okta asserts that there was no unauthorized entry to Okta’s service or customer information, and Auth0-related goods – that you obtained in 2021– Don’t be affected. “Okta does not depend on the confidentiality of its source code for the security of its services. The Okta service remains fully functional and secure,” said Okta.

According to Okta, it had reviewed all of Okta’s recent access and all commits to Okta repositories. It also reviewed GitHub credentials. Okta stated that it also notified law enforcement.

Okta has not stated whether it has the technical tools, such logs, to determine what, if anything, has been accessed from its own systems or any other data that might have been compromised.

The latest incident at the company has been reported before sleeping computerEarlier in the week, before Okta.

Okta was published earlier in the year. The now infamous Lapsus$ extortion group targeted himThe attacker gained access to Sykes’ account and posted screenshots of Okta’s systems and applications. Okta received a second settlement in August after being targeted. Another hacking campaignthis has been breached and used by more than 100 organizations including Twilio DoorDash.