Update: Okta Customer Support System Breach Impacted 134 Customers
Cloud identity and access management provider, Okta, has revealed that threat actors who breached its customer support system gained access to files belonging to 134 customers. The attackers used stolen session tokens from HAR files to hijack the legitimate Okta sessions of five customers. The breach occurred from September 28 to October 17 and affected less than 1% of Okta's customers. Okta disabled the compromised service account and implemented additional security measures. This incident follows previous warnings from Okta about social engineering attacks and a data breach affecting employees' personal information.