Users who use Okta’s systems in their various jobs suffered the breach of some of their data, according to the company, in a cybersecurity attack they suffered in October.
Initially, the company, which is precisely dedicated to the access of management and corporate identity, said that they suffered a cyber attack that affected only 1% of their clients and that they resolved it’s instant. However, in a new statement reviewed by Gizmodo, they explained that the breach was more serious than they thought.
The aforementioned media reports that the data obtained by cybercriminals are the names and emails of those who use these identity systems.
And although this information is not available without passwords, this data adds to the foundations of phishing strategies, of which millions of users fall victim every year.
Okta claims to have taken immediate steps in the face of this incident, informing its customers that they should ensure they have strong security measures in place with a strong password combination and multiple identification phase for all users.
“While we have no direct knowledge or evidence that this information has been actively exploited, we are notifying all of our customers that this file is an additional security risk due to phishing,” said Okta spokeswoman Jenny Grich. .
“We are implementing new security features on our platforms and providing customers with specific recommendations to protect against potential attacks targeting their Okta administrators,” added the same representative. of the company.
“We are working with a digital forensics company to support our investigation and share the report with clients when it is finished. In addition, we will also inform the people whose information has been downloaded,” they emphasized in the same statement.