Lord777
Professional
- Messages
- 2,579
- Reaction score
- 1,472
- Points
- 113
It would seem that the company simply does not draw conclusions, but this time another character is to blame.
Okta, a well-known identity provider, has encountered another leak . This time, the reason for the intrusion was not a mistake of the company itself, but a vulnerability in the systems of its partner — Rightway Healthcare. In the hands of attackers were the personal data of almost 5 thousand employees.
Hackers broke into the network of Rightway Healthcare, which provides medical services for Okta employees, in late September. The management found out about the incident on October 12, but released the data only three weeks later.
The stolen documents included employees names, social security numbers, and health insurance details. Despite the seriousness of the incident, there is still no "evidence" that would indicate the use of this information for illegal purposes (for example, in phishing campaigns).
Okta launched an investigation immediately after the leak was discovered. It turned out that the first thing the attackers did was break into the mobile phone of a Rightway Healthcare employee. After gaining access to the device, they intercepted credentials from corporate systems, which eventually allowed them to access important archives. The information in the stolen files dates back to 2019-2020.
Representatives emphasize that the incident did not affect Okta services directly and customer data is absolutely safe.
Rightway has not yet made any official comments.
Just two weeks ago, Okta reported that unknown people hacked its support system and penetrated corporate accounts. As a result, a number of attacks were made on the accounts of such large companies as 1Password, BeyondTrust, Cloudflare.
Okta provides cloud-based identity and access management services to thousands of organizations around the world. Its negligence in cybersecurity matters in recent months has seriously undermined the trust of customers and business partners. Cloudflare, for example, expressed dissatisfaction with the fact that the company did not respond to the incident quickly enough, and called on internal specialists to strengthen security measures, for example, using hardware keys.
According to representatives, when it became known about the hack, Okta employees needed to conduct a thorough analysis of 27 thousand records to assess the scale of the leak. The check was performed manually and took a very long time, which is why the incident was not officially reported immediately.
Okta, a well-known identity provider, has encountered another leak . This time, the reason for the intrusion was not a mistake of the company itself, but a vulnerability in the systems of its partner — Rightway Healthcare. In the hands of attackers were the personal data of almost 5 thousand employees.
Hackers broke into the network of Rightway Healthcare, which provides medical services for Okta employees, in late September. The management found out about the incident on October 12, but released the data only three weeks later.
The stolen documents included employees names, social security numbers, and health insurance details. Despite the seriousness of the incident, there is still no "evidence" that would indicate the use of this information for illegal purposes (for example, in phishing campaigns).
Okta launched an investigation immediately after the leak was discovered. It turned out that the first thing the attackers did was break into the mobile phone of a Rightway Healthcare employee. After gaining access to the device, they intercepted credentials from corporate systems, which eventually allowed them to access important archives. The information in the stolen files dates back to 2019-2020.
Representatives emphasize that the incident did not affect Okta services directly and customer data is absolutely safe.
Rightway has not yet made any official comments.
Just two weeks ago, Okta reported that unknown people hacked its support system and penetrated corporate accounts. As a result, a number of attacks were made on the accounts of such large companies as 1Password, BeyondTrust, Cloudflare.
Okta provides cloud-based identity and access management services to thousands of organizations around the world. Its negligence in cybersecurity matters in recent months has seriously undermined the trust of customers and business partners. Cloudflare, for example, expressed dissatisfaction with the fact that the company did not respond to the incident quickly enough, and called on internal specialists to strengthen security measures, for example, using hardware keys.
According to representatives, when it became known about the hack, Okta employees needed to conduct a thorough analysis of 27 thousand records to assess the scale of the leak. The check was performed manually and took a very long time, which is why the incident was not officially reported immediately.
