Authentication giant Okta has had its source code taken after GitHub repositories belonging to the company were breached, reports have claimed.
A “‘confidential’ email notification” allegedly sent by Okta to its “security contacts” noted that after investigating suspicious activity it had been alerted to earlier this month, the company had concluded that someone copied its code repositories.
Whoever was behind the attack did not access Okta's services, or customer data, the notification further reads. Okta's HIPAA, FedRAMP or DoD customers have not been affected by the incident, and do not need to do anything at this point.
Popular targets
BleepingComputer further found that the incident seems to be related to the Okta Workforce Identity Cloud (WIC) code repositories, but not Auth0 Customer Identity Cloud products.
Commenting on the news, Raj Samani, SVP Chief Scientist at Rapid7, said a company's source code is quite valuable, and as such, important to cybercriminals.
"From our own research, we know that intellectual property is a popular target for threat actors with 12% of data disclosures between April 2020 and February 2022 containing it," Samani said. "Stolen source code can be used to find hidden security vulnerabilities and launch further attacks on a business; therefore, it is crucial that such sensitive information is protected.”
So far, Okta is yet to publicly confirm or deny the breach, but the incident is the latest to affect the company in 2022.
In March, notorious extortion group Lapsus$ announced it had breached Okta’s administrative consoles and stole customer data.
And in September, Auth0 (owned by Okta) reported a similar incident, when a “third-party individual” managed to steal old source code. The method was never established, so it isn't known if any malware was involved.
- Here is our rundown of the best endpoint protection solutions around
Via: BleepingComputer
Source: TechRadar