Auth0 downplays source code compromise’s impact

Authentication and authorization platform Auth0 has confirmed that its environment has not been compromised following claims of a third-party last month regarding their possession of certain source code repositories dating from October 2020 and earlier, SecurityWeek reports. Initial investigation by Auth0 in late August revealed no evidence suggesting unauthorized environment access, persistent access, and data exfiltration, with the same conclusion shared by a separate investigation led by a cybersecurity forensics firm. "Our investigation has not revealed any customer impact from this event, and no action is required by our customers. Additionally, we confirm that the Auth0 service remains fully operational and secure," said Auth0. Auth0, which remains an independent entity despite being acquired by Okta in May 2021, added that it has already placed needed safeguards that would prevent the use of the leaked source code in accessing its network and customer environments.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.