Okta refutes alleged data exposure

An Okta sign is seen on its headquarters in San Francisco.

Okta has dismissed the legitimacy of a database posted on a hacking forum that was allegedly stolen following the hack of its backend support case management system in October, reports BleepingComputer.

Such database was touted by leaker 'Ddarknotevil' to contain 3,800 Okta customers' full names, user IDs, email addresses, phone numbers, company names, and office addresses, among others. However, Okta denied that it owned the exposed information, as well as emphasized that none of its systems had been breached following an investigation over the weekend. "We cannot determine the source of this data or its accuracy, but we noted that some fields have dates from over ten years ago. We suspect that this information may be aggregated from public information sources on the Internet," said an Okta spokesperson. Okta's denial was supported by KELA, which discovered that the exposed database contained information identical to the IntelBroker data dump in July that purportedly had details from the National Defense Information Sharing and Analysis Center.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.