Okta, which provides online security services for businesses, provided additional details after someone was able to hack into Okta's support case management system. Okta said that the hackers were able to see files uploaded by some Okta customers in recent support cases.
All told, Okta said the breach impacted 134 customers, representing less than 1% of all customers, the company said. On Friday, the company provided affected customers with steps on mitigating the breach.
"The unauthorized access to Okta’s customer support system leveraged a service account stored in the system itself," Okta chief security officer David Bradbury said. "This service account was granted permissions to view and update customer support cases. During our investigation into suspicious use of this account, Okta Security identified that an employee had signed in to their personal Google profile on the Chrome browser of their Okta-managed laptop.
"The username and password of the service account had been saved into the employee’s personal Google account. The most likely avenue for exposure of this credential is the compromise of the employee’s personal Google account or personal device."
Okta stressed that its support case management system is separate from its main service, which it says is fully operational and has not been impacted.
As of August, Okta had 18,400 customers, and the company has seen rapid growth in recent years as more companies look to secure their online services.
In late 2021, the company reported about $251 million in revenue in one quarter. By the summer this year, the company reported $556 million in quarterly revenue.
Okta enables secure access, authentication and automation for businesses.
Trending stories at Scrippsnews.com