Okta, an organization that gives identification and entry administration companies, disclosed on Wednesday that a few of its supply code repositories have been accessed in an unauthorized method earlier this month.
“There isn’t any affect to any prospects, together with any HIPAA, FedRAMP or DoD prospects,” the corporate mentioned in a public assertion. “No motion is required by prospects.”
The safety occasion, which was first reported by Bleeping Computer, concerned unidentified menace actors having access to the Okta Workforce Identity Cloud (WIC) code repositories hosted on GitHub. The entry was subsequently abused to repeat the supply code.
The cloud-based identification administration platform famous that it was alerted to the incident by Microsoft-owned GitHub in early December 2022. It additionally emphasised that the breach didn’t lead to unauthorized entry to buyer information or the Okta service.
Upon discovering the lapse, Okta mentioned it positioned momentary restrictions on repository entry and that it suspended all GitHub integrations with different third-party functions.
The San Francisco-headquartered agency additional mentioned it reviewed the repositories that have been accessed by the intruders and examined the current code commits to make sure that no improper modifications have been made. It has additionally rotated GitHub credentials and knowledgeable legislation enforcement of the event.
“Okta doesn’t depend on the confidentiality of its supply code for the safety of its companies,” the corporate famous.
The alert comes almost three months after Auth0, which Okta acquired in 2021, revealed a “safety occasion” pertaining to a few of its code repository archives from 2020 and earlier.
Okta has emerged as an interesting goal for attackers for the reason that begin of the yr. The LAPSUS$ information extortion group broke into the corporate’s inner methods in January 2022 after acquiring distant entry to a workstation belonging to a assist engineer.
Then in August 2022, Group-IB unearthed a marketing campaign dubbed 0ktapus focusing on various corporations, together with Twilio and Cloudflare, that was designed to steal customers’ Okta identification credentials and two-factor authentication (2FA) codes.