Okta Inc., whose authentication services are used to grant access to networks by organisations such as Fedex Corp and Moody’s Corp, announced on Tuesday that it had been hacked and that some clients may have been affected.
David Bradbury, Chief Security Officer at Okta, in a statement, addresses the data breach:
“As we shared earlier today, we are conducting a thorough investigation into the recent LAPSUS$ claims and any impact on our valued customers. The Okta service is fully operational, and there are no corrective actions our customers need to take.
After a thorough analysis of these claims, we have concluded that a small percentage of customers – approximately 2.5% – have potentially been impacted and whose data may have been viewed or acted upon. We have identified those customers and are contacting them directly. If you are an Okta customer and were impacted, we have already reached out directly by email. We are sharing this interim update, consistent with our values of customer success, integrity, and transparency.
Our customers are our pride, purpose, and #1 priority. We take our responsibility to protect and secure customers’ information very seriously. We deeply apologize for the inconvenience and uncertainty this has caused.”
Okta had initially issued a statement that stated “Okta service has not been breached and remains fully operational”.