Okta has concluded its investigation into last January’s hacking attack. It shows that an unauthorized person had access to the company’s server for a total of 25 minutes. During that time he had access to the data of two customers. The perpetrator was unable to access other customers’ data or change passwords.
Okta reports this in an update about the attack.
Not 366 customers, but only two affected by the attack
In March, the authentication software company reported that on January 21, a hacker gained access to Okta’s server through the network of Sitel, a third-party company that handles Okta’s customer service. Initially, it was assumed that at least 366 customers were victims of the attack.
Okta is now adjusting that number downwards. The investigation into the unauthorized access has been completed. It shows that the attacker was able to gain access to one Okta workstation for a short time via the account of an engineer working at Sitel. He was able to view customer information undisturbed for 25 minutes via a SuperUser application.
During this time, the perpetrator saw data from two customers, Okta reports. The person in question did not change any settings, reset multi-factor authentication (MFA) or passwords, or impersonate a customer service representative. Thus, the attacker could not access data from other customers.
Okta promises to do better
In a press release, Okta says it’s important to restore customer confidence in the company’s ecosystem. “The conclusions of the final forensic report do not affect our determination to take corrective actions designed to