Okta hit by thirdparty data breach exposing employee information

pMicrosoft disrupts cybercrime gang behind 750 million fraudulent accountsppStealthy KVbotnet hijacks SOHO routers and VPN devicesppLockBit ransomware now poaching BlackCat NoEscape affiliatesppBazarCall attacks abuse Google Forms to legitimize phishing emailsppThis cyber security workshop is on sale for 49999 reg 1000ppKraft Heinz investigates hack claims says systems operating normallyppNew NKAbuse malware abuses NKN blockchain for stealthy commsppUbiquiti users report having access to others UniFi routers camerasppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to open a Windows 11 Command Prompt as AdministratorppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppeLearningppIT Certification CoursesppGear GadgetsppSecurityppppOkta is warning nearly 5000 current and former employees that their personal information was exposed after a thirdparty vendor was breachedppOkta is a San Fransiscobased cloud identity and access management solutions provider whose Single SignOn SSO multifactor authentication MFA and API access management services are used by thousands of organizations worldwideppThe data breach notification warns of a security incident that impacted Rightway Healthcare which provides healthcare coverage for Okta employees and their familiesppOn September 23 2023 Rightway suffered a network breach resulting in cybercriminals accessing an eligibility census file maintained for insurance provision and benefit plans for eligible individualsppThe file contained the following information on current and former Okta employees and their dependentsppOkta learned about the breach on October 12 2023 when Rightway disclosed the attack and immediately launched an investigation to determine the extent of the compromiseppAccording to Oktas report to the Office of the Maine Attorney General the breach impacted a total of 4961 employeesppApart from the exposure of health information the leak of employees full names could be helpful to cybercriminals in deriving corporate email addresses and engaging in targeted bruteforcing to hijack valuable accounts within the companyppThe notice highlights twice that Okta has no evidence the personal information of those people has been misusedppHowever the firm encloses instructions on enrolling for twoyear credit monitoring identity theft protection and fraud protection services through ExperianppOkta shared a statement after this story was published stating that the exposed employee data was from April 2019 through 2020ppAn Okta vendor Rightway Health had a security incident in September 2023 in which files from April 2019 through 2020 were exfiltrated from its IT environment Okta told BleepingComputerppThese contained personal information about employees and their dependents from 20192020 This incident does not relate to the use of Okta services and Okta services remain secure No Okta customer data is impacted by this incidentppOkta has suffered a series of breaches over the past two years due to social engineering attacks or credential theftppOn October 20 2023 Okta warned that attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentialsppThis exposure impacted customers of Okta including BeyondTrust Cloudflare the 1Password password manager and possibly many moreppIn December 2022 Okta admitted that hackers accessed confidential information and source code stored within private GitHub repositoriesppA similar hack was claimed in March 2022 by the notorious Lapsus threat group this time involving customer data too which the software vendor later admitted is real saying it impacted 25 of its customersppAlthough the recent incident did not impact any customers it affects a noteworthy number of individuals and elevates the overall security risk for the companyppDollar Tree hit by thirdparty data breach impacting 2 million peopleppOkta October data breach affects all customer support system usersppWelltok data breach exposes data of 85 million US patientsppPJA says cyberattack exposed data of nearly 9 million patientsppPharmacy provider Truepill data breach hits 23 million customersppNot a member yet Register NowppUbiquiti users report having access to others UniFi routers camerasppHackers are exploiting critical Apache Struts flaw using public PoCppTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2023 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp