Okta.com

In late 2023 Okta experienced a significant security incident where an adversary gained unauthorized access to the support case management system. The threat actor used a stolen credential to access the internal system and subsequently downloaded a report containing data for all Okta customer support users. This breach exposed specialized session tokens that could be used for session hijacking attacks against Okta customers. The company confirmed that the attacker accessed files uploaded by customers which contained sensitive configuration data and cookies. This incident followed previous security concerns including the Lapsus group breach in 2022 and source code theft in late 2022 highlighting ongoing targeting of the identity management provider.