Now it’s ALL customers, not just the support data/emails…
I think Zscaler is benefitting from this news today as well
I am asking this out if ignorance, but why? I thought Zscaler had a very different product? When we would try to use it (Zscaler) most things did not work for us engineers.
We use both zscaler and okta, does zscaler have auth? I thought it was just a vpn
Lets do layoffs in okta now. Please like if u agree
“during recent breach” —> “during recent breaches”, fixed that for you A company selling security products got hacked, multiple times, what a joke! customers are losing confidence in them.
This is not a new breach. This was part of investigation from Last breach. So stop your dreams. The data that was stolen does not contain anything. Only few email address of the sales contacts. This is avaialble in whole market now.
Uhhh no It also contained session tokens from unsanitized HAR files So very, very bad. Basically free admin panel access for attackers. The beyond and cloud flare reports go into more detail
That’s not totally accurate about the content stolen. More than just sales contacts.
Okta is implementing all the new security standards now to make sure all these are taken care. There is nothing to recover. Okta product was not breached by any of this means FYI
Shouldn’t a company that specializes in securing your data have had high security standards to begin with?
It doesn’t surprise me A lot of companies actually don’t even use their own products they sell to customers Like how up until recent years Amazon retail still used oracle databases. And how Google search doesn’t use GCP (and actually supposedly has even better stuff) But yeah I agree with you It’s really bad optics
What you should be asking is what prompted us to identify this a month after saying only 1% of customers were impacted? Why is a digital forensics firm involved now, but not a month ago? What changed?
Most companies have them on retainer as did we, it’s best practice to bring them in post event, as did we. How about getting behind the team or just leave already RSAE86, you won’t be missed!
We bring in a digital forensics firm after every incident? You sure about that? Did we bring them in before or after our security team had an offsite in Cancun a few weeks ago?
Yes we are. Shutting down tomorrow.
Okta stock does it again go to 300? Forecast is poor
LOL
Felt the same not going to happen , i bought it at 270. Worst company
I feel more likely big hacks happen from social engineering or simple human mistakes, not sophisticated hacks. That’s why you need automated security, real time reporting, and a zero trust model. These are the things we study are Oracle R&D
I believe in this case it started with social engineering