Okta Workforce Identity Cloud

2022: Source theft due to hacking of closed repositories on GitHub

On December 21, 2022, the provider of identification and multifactor authentication solutions Okta reported that its private source code repositories on GitHub were hacked by unknown attackers.

The incident occurred in early December 2022. The Okta Workforce Identity Cloud (WIC) solution code repository will be affected, which provides enterprise users with phishing protection features, access key management tools and a number of other security tools. The investigation found that the cybercriminals copied the files, but no user data was affected.

Okta sources stolen due to hacking of closed repositories on GitHub

As soon as it became known about possible suspicious access, we promptly imposed temporary restrictions on access to Okta GitHub repositories and suspended all GitHub integrations with third-party applications. No unauthorized access was recorded to the Okta service or customer data. The Okta service remains fully operational and safe, the company said in an official statement.

Okta also reports that it has already notified law enforcement agencies about the incident. As part of its own investigation, the company reviewed all recent calls to its software repositories hosted on GitHub to understand the extent of the impact. In addition, the company made sure of the integrity of the posted code and changed the GitHub credentials for security reasons.

In September 2022, a similar incident was reported by Okta-owned Auth0. Then it was said that the attackers gained unauthorized access to numerous code repositories dated 2020 and earlier (before the merger with Okta in May 2021). The investigation found that none of the company's customers were injured in the breach.^[1]

Notes