ClickCease Okta records theft of source code repositories

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Okta records theft of source code repositories

Obanla Opeyemi

January 5, 2023 - TuxCare expert team

Okta has revealed that a malicious users hacked and replicated its source code repositories on GitHub earlier this month, after previously reporting a compromise carried out by South American hacking group, Lapsus$.

GitHub, on the other hand, notified Okta in early December of potentially suspicious access to its online code repositories. Since the theft was discovered after an investigation, Okta has begun informing customers via email of an event in which an unidentified party stole the company’s source code.

In response, to review all recent commits to Okta repositories and validate the integrity of its code, the company temporarily restricted access to the GitHub repositories and suspended GitHub integrations with third-party applications. GitHub credentials were also rotated, according to the company.

Although the breach appears to be limited to Okta’s Workforce Identity Cloud product, which combines access management, governance, and privileged access controls.

Threat actors are said to benefit from the theft by gaining early access to their targets and researching vulnerabilities, hard-coded credentials in scripts, or misconfigurations. Further investigation revealed that the incident had no effect on Okta’s customers, including HIPAA, FedRAMP, and DoD customers, and thus no action is required.

According to a blog post by Okta; it had concluded investigation and it affirms that no customer data was accessed, and the Okta service remains unaffected. Okta stated that the breach was made known to them as soon as possible; “we promptly placed temporary restrictions on access to Okta GitHub repositories and suspended all GitHub integrations with third-party applications.”

Furthermore, Okta stated that it does not require the source code to remain confidential in order to secure its services, so it is still operational and secure. However, some people are concerned because the thieves may go on to scan the code for additional vulnerabilities, tokens, or insights that could lead to further breaches in the development and production environments.

The sources for this piece include an article in HackRead.

Summary
Okta records theft of source code repositories
Article Name
Okta records theft of source code repositories
Description
Okta has revealed that a malicious users hacked and replicated its source code repositories on GitHub earlier this month.
Author
Publisher Name
TuxCare
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Related Articles

How GPT models can be...

According to CyberArk researchers, GPT-based models like ChatGPT can be...

January 30, 2023

Attackers actively exploit Unpatched Control...

Malicious hackers have started exploiting a critical vulnerability CVE-2022-44877 in...

January 27, 2023

Attackers distribute malware via malicious...

Deep Instinct researchers reported that RATs like StrRAT and Ratty...

January 26, 2023

CircleCI partners AWS to identify...

According to CircleCI’s CTO, Rob Zuber, CircleCI is working with...

January 25, 2023

Cisco warns of authentication bypass...

A remote attacker could exploit multiple vulnerabilities in four Cisco...

January 24, 2023

IceID malware infiltrates Active Directory...

In a notable IcedID malware attack, the assailant impacted the...

January 23, 2023