Hackers compromised Okta’s private GitHub repos

Okta says hackers compromised its personal GitHub repos earlier this month and stole its supply code.

BleepingComputer obtained maintain of a “confidential” e-mail notification despatched by Okta to its “safety contacts” concerning the breach.

The Identification and Entry Administration (IAM) options chief says GitHub alerted Okta to the suspicious entry earlier this month.

“Upon investigation, we’ve concluded that such entry was used to repeat Okta code repositories,” wrote Okta CSO David Bradbury within the notification e-mail.

Okta claims the hackers didn’t entry the Okta service or buyer information. Moreover, the corporate momentary entry restrictions to their GitHub repos and suspended all GitHub integrations with third-party functions.

“We now have since reviewed all latest entry to Okta software program repositories hosted by GitHub to know the scope of the publicity, reviewed all latest commits to Okta software program repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials. We now have additionally notified regulation enforcement,” added Bradbury.

“Moreover, we’ve taken steps to make sure that this code can’t be used to entry firm or buyer environments. Okta doesn’t anticipate any disruption to our enterprise or our means to service our clients because of this occasion.”

Okta plans to publish a press release concerning the incident on its weblog as we speak.

(Picture by Richy Nice on Unsplash)

Wish to study extra about cybersecurity and the cloud from business leaders? Take a look at Cyber Safety & Cloud Expo happening in Amsterdam, California, and London.

Discover different upcoming enterprise know-how occasions and webinars powered by TechForge right here.

Tags: cyber safety, cybersecurity, github, hacking, infosec, okta