
Have you heard about Okta?
Even if you haven’t, you might still have been affected by the large-scale breach of their systems that rocked the tech community on October 19, 2023. Okta is a third-party service that provides organizations, possibly including your own, with multi-factor authentication, biometric identification, and single sign-on tools.
You can imagine how quickly a breach of those services can go wrong.
Behind the Breach on Okta
This is how quickly one single, swift lapse in security awareness can trigger a tidal wave of consequences. One Okta employee signed into their personal Google account on their company-issued laptop. Because their professional login credentials were saved to the same Chrome browser, their work accounts were accessible, too.
This case perfectly encapsulates why keeping your work and personal accounts SEPARATE is essential. Personal devices and accounts are notoriously less secure than the ones you use for work. It’s not because you treat one with more care; instead, consider how many defenses you have on your work computer versus your personal laptop.
Does your job have rules that require you to use virtual private networks when you log in from somewhere other than the office? Do you have to use more multi-factor authentication? Can you download any app you want, or is that regulated by your IT team? Are your firewalls still set to default, or have the settings been customized to maximize both safety and efficiency?
Typically, work computers and accounts are more secure simply because you have a dedicated security team whose job it is to enforce cybersecurity and compliance. When it’s all up to you, it’s easier for small mistakes to create big problems.
What Happened to Okta?
After a breach, it’s critical to communicate the extent of the damage to those who may have been affected. Depending on regulations in your industry and locale, the breach may also have to be reported to government or industry organizations. For example, banks must report breaches to the FTC within thirty days; likewise, HIPAA violations must be disclosed to affected parties within sixty days.
Once the threat actors successfully breached Okta’s internal systems, they stole session tokens from customer support chat files that were saved to the company server. The hackers used those tokens to hijack legitimate administrative accounts. From there, they breached Okta sessions with various companies that use the service.
When Okta discovered the breach on files linked to 134 customers, they notified the affected parties and began a protocol to patch the vulnerability and prevent similar breaches in the future.
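The mechanism above turns on session tokens surviving inside files that were handed to support. One defensive control is to strip those tokens before a diagnostic file ever leaves your machine. The script below is an added example, not Okta’s code or a tool the post describes; it assumes the support files are browser HAR captures (JSON) and uses a small constructed sample rather than a real capture.

```python
import copy
import json

# Constructed sample HAR fragment (not a real capture): one request that carries
# a session cookie and a bearer token, plus a response that re-issues the cookie.
SAMPLE_HAR = {
    "log": {"entries": [{
        "request": {
            "url": "https://example.invalid/api/v1/users",
            "headers": [{"name": "Cookie", "value": "sid=sess-abc123; theme=dark"},
                        {"name": "Authorization", "value": "Bearer bearer-xyz789"}],
            "cookies": [{"name": "sid", "value": "sess-abc123"}],
        },
        "response": {
            "headers": [{"name": "Set-Cookie", "value": "sid=sess-abc123; HttpOnly"}],
            "cookies": [{"name": "sid", "value": "sess-abc123"}],
            "content": {"text": "{\"ok\": true}"},
        },
    }]}
}

# Header names (compared case-insensitively) that routinely carry session material.
SENSITIVE_HEADERS = {"cookie", "set-cookie", "authorization", "proxy-authorization"}
REDACTED = "[REDACTED]"


def scrub_har(har: dict) -> dict:
    """Return a deep copy of the HAR with session-bearing headers and all cookie
    values redacted on both the request and response side of every entry."""
    out = copy.deepcopy(har)
    for entry in out.get("log", {}).get("entries", []):
        for side in ("request", "response"):
            msg = entry.get(side, {})
            for header in msg.get("headers", []):
                if header.get("name", "").lower() in SENSITIVE_HEADERS:
                    header["value"] = REDACTED
            for cookie in msg.get("cookies", []):
                cookie["value"] = REDACTED
    return out


def leaked_values(har: dict, secrets: list[str]) -> list[str]:
    """Secrets that still appear anywhere in the serialized HAR; a scrubbed file
    should return an empty list, which makes this a cheap pre-upload check."""
    text = json.dumps(har)
    return [s for s in secrets if s in text]


if __name__ == "__main__":
    clean = scrub_har(SAMPLE_HAR)
    print("still leaked:", leaked_values(clean, ["sess-abc123", "bearer-xyz789"]))
```

Run the check against the scrubbed output and refuse to upload if anything is still listed as leaked.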
What Does This Mean for Customers’ Privacy?
Keep in mind that although Okta acted swiftly once the breach was discovered, the threat actors are estimated to have been inside the system for three weeks before they were detected. Customer data was accessible for three weeks!
So yes, you will be notified if a breach exposes your private data at any company to which you’ve entrusted that information, but that only secures your accounts after the damage is done.
While there are services to help remediate some of the damage post-attack, it’s essential to take steps to protect your data EVERY DAY.
For starters, employ Dark Web Monitoring services, like ours, to immediately detect your personally identifiable information in the dark marketplace.
Understand how to most efficiently and securely manage third-party suppliers and risks.
Review your accounts, networks, and systems regularly so you can notice and report suspicious activity immediately.
Thoroughly research third-party services before using them, just like any website or program.
Stay up to date with news alerts from any company with your personal information; that way, you’ll know immediately if they announce a security breach.
Commonwealth Sentinel will help you face your organization’s growing cyber security threats. We can evaluate your existing IT security and work with your team to protect your data and assets. At Commonwealth Sentinel, we are focused on cyber security, so you can focus on other things. Contact us today or sign up for a free consultation.