Hackers compromised Okta's private GitHub repos – Developer News
ARTICLE
LOG IN
Okta says hackers compromised its private GitHub repos earlier this month and stole its source code.
BleepingComputer got hold of a “confidential” email notification sent by Okta to its “security contacts” about the breach.
The Identity and Access Management (IAM) solutions leader says GitHub alerted Okta to the suspicious access earlier this month.
“Upon investigation, we have concluded that such access was used to copy Okta code repositories,” wrote Okta CSO David Bradbury in the notification email.
Okta claims the hackers did not access the Okta service or customer data. Furthermore, the company temporary access restrictions to their GitHub repos and suspended all GitHub integrations with third-party applications.
“We have since reviewed all recent access to Okta software repositories hosted by GitHub to understand the scope of the exposure, reviewed all recent commits to Okta software repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials. We have also notified law enforcement,” added Bradbury.
“Additionally, we have taken steps to ensure that this code cannot be used to access company or customer environments. Okta does not anticipate any disruption to our business or our ability to service our customers as a result of this event.”
Okta plans to publish a statement about the incident on its blog today.
(Photo by Richy Great on Unsplash)
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.
cyber security, cybersecurity, github, hacking, infosec, okta
Your email address will not be published. Required fields are marked *
Developer Tech offers the latest app developer news and strategy. We cover topics, including coding, monetisation, billing, marketing and design, within the app development industry. We aim to help developers by providing top-class practical content across many issues.
Founded in 2011, we provide a channel for expert, brands and thought leaders to share content and engage with other industry professionals around the world.
Please follow this link for our privacy policy.
Copyright © 2022 Developer Tech News. All Rights Reserved.
Not subscribed / a member yet?
Step 1 of 3
Already a member / subscriber?