A cybercriminal has published data on hacking forum, which he claims were stolen during a cyberattack at Octa in October 2023. However, the company says the exposed files do not contain its own data.
Okta is a provider of identity and access management solutions cloud and its services are used by thousands of organisations worldwide.
In October 2023, Okta warned that the its support system was compromised by hackers through stolen credentials. The attackers managed to steal cookies and authentication for some customers. After completing an internal investigation, it was revealed that the incident affected all users of the support system Customers.
See also: Facebook Marketplace: data leak in hacking forum
As a result, various Okta customers were affected, including Cloudflare.
Now, months after the breach, a cybercriminal using the pseudonym "Ddarknotevil" claimed to have released an Okta database with 3,800 customers' information.
“Today, I uploaded the Okta database for all of you. This breach is being communicated to behife @IntelBroker - [Cyber ] thanks for reading and enjoying!", wrote the cybercriminal in a hacking forum.
“In September 2023, Okta, an IT services management company, suffered a breach data which led to the exposure of 3.8 thousand users of the customer support system“.
The leaked data includes user IDs, full names, company names, office addresses, phone numbers, email addresses, locations/roles and other information.
Η Okta denies the allegations hacker and says that the data does not belong to her, but they seem to come from public information on the internet.
See also: ChatGPT: Thousands of credentials for sale on the dark web
“This is not Okta data and is not related to the October 2023 security incident", an Okta spokesperson told BleepingComputer.
“We cannot determine the source of these data or their accuracy, but we noted that some fields have dates of over ten years. We suspect that this information may have been gathered from public information sources in Internet“.
The Okta spokesperson also told BleepingComputer that the IT team thoroughly investigated all systems over the weekend and found no evidence of a breach.
See also: Roblox: 34 million credentials have been found on the dark web by 2021
Η company KELA also examined the exposed data and confirmed that they do not belong to Oktabut may have come from a different company that was breached in July.
A data leak in a hacking forum can have significant consequences for the users or companies affected. Personal information, such as usernames, e-mail addresses and passwords, but also other important data exposed to others cybercriminals, increasing the risk of fraud and attacks.
Therefore, users and organisations need to take measures to protect themselves from possible breaches. They should possible passwords for their accounts them and apply two-factor authenticationwhere possible. It is also important to maintain updated software and operating systems. Updates often include security fixes that can protect users from the latest threats.
Source : www.bleepingcomputer.com