Based on Okta’s statement on October 20 regarding a recent security breach, it has been determined that the threat actor successfully gained access to Okta’s customer support system. Once inside the system, the threat actor was able to view files uploaded by Okta customers in relation to recent support cases with valid session tokens. By utilizing the extracted token from the Okta support system and support cases, the threat actor subsequently gained access to customer systems. In this post, Zscaler ThreatLabz and the product security team describe the impact of identity provider (IdP) breaches and how your organization can better protect itself against these attacks by leveraging industry-wide best practices.
Read more…
Source: Zscaler