Subscribe to Newsletters

Curated Content | Thought Leadership | Technology News

Okta’s $2 Billion Market Loss: Repeated Security Breaches Raise Alarms

Mirroring an incident Okta faced in 2022.
Emily Hill
Contributing Writer

A recent security breach at Okta, a trusted name in access and authentication services, has impacted nearly 200 of its clients and raised significant concerns about the company’s security measures and response protocols. Okta disclosed that its customer support system was infiltrated, and numerous clients were affected. However, the delayed disclosure to the public and recurrent incidents have security experts and industry observers alarmed.

Attackers used stolen login credentials to access an Okta support account, enabling them to pilfer cookies and session tokens used by customer support providers for troubleshooting. With these tokens, attackers could directly compromise Okta customer accounts but companies like 1Password, BeyondTrust, and Cloudflare detected and blocked these intrusions before their customers were affected.

The Past vs. The Present

This latest breach shares alarming similarities with an incident that Okta experienced in 2022, where attackers compromised a subprocessor trusted for customer support tasks. Despite this prior incident, security experts are surprised that Okta has not been more vigilant in protecting externally exposed systems and personnel from potential threats.

While Okta’s struggles highlight a broader problem in the tech industry regarding software supply chain attacks and the increasing volume of cyberattacks, it also underscores the importance of prompt and responsible action by service providers to protect their clients.

Cloudflare engineers, who have been impacted by Okta breaches twice, have proposed critical security recommendations for them, including taking immediate action when a compromise is reported, providing timely and responsible disclosures, and implementing hardware keys for protecting all systems, including third-party support providers.

The Wrap

The fallout from this breach is not just limited to Okta’s reputation but also its market value. The company has lost more than $2 billion in market capitalization since disclosing the hack. The repeated incidents raise questions about the long-term viability of the company’s services.

In a world where digital services have become the backbone of organizations, breaches like Okta’s can have cascading effects. As the incidents accumulate, organizations realize they must be increasingly vigilant in choosing their service providers and safeguarding the digital ecosystem they serve.

Go Deeper —> Okta’s Latest Security Breach Is Haunted by the Ghost of Incidents Past – Wired

Go Deeper —> Okta cybersecurity breach wipes out more than $2 billion in market cap – CNBC

☀️ Subscribe to the Early Morning Byte! Begin your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

☀️ Your latest edition of the Early Morning Byte is here! Kickstart your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

ADVERTISEMENT

×
You have free article(s) left this month courtesy of CIO Partners.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Thanks for subscribing!

We’re excited to have you on board. Stay tuned for the latest technology news delivered straight to your inbox.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Digital Annual

$10.00/ month

Billed Annually

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.
Name
Newsletters