Okta: data breach caused by employee who logged in with Google account – Computer – News

Okta reports that the data breach at the company was caused by an employee who logged in with a personal Google account on the work laptop. The business login details were stored in that account and it was later hacked as well.

Okta has in their own words measures have been taken to avoid similar incidents in the future. For example, it will no longer be possible for company employees to log in to Google Chrome with a personal account administrator sessions will now also be linked to network locations.

From September 28 to October 17, hackers had access to Okta’s support systems. The malicious parties were able to capture data from 134 customers and five customers were able to log in to the customer environment.

Password manager 1Password was one of those customers and had ‘suspicious activity’ in late September had discovered on his internal Okta account. The hackers attempted to perform various actions on 1Password’s Okta account, but this was blocked by Okta. Reportedly, no user data from 1 Password was stolen during the hack.

Okta is an American company that operates an authentication platform. Many companies use Okta’s systems to authorize employees before they gain access to internal systems.