Cyberattacks may be expensive for everyone, not just businesses and consumers. Companies that provide technology, like Okta, may have to pay a high price.
The company’s share price fell by 9% in less than a week, and its valuation dropped by almost $2 billion.
The identity and access management provider Okta witnessed a decline in market value after disclosing that it had discovered “adversarial activity that leveraged access to a stolen credential” to compromise the business’s support management system and get client details. The company’s share price fell by 9% in less than a week, and its valuation dropped by almost $2 billion.
The 200 clients affected by the hack, according to Okta, have been informed. 18,000 companies are among the company’s clientele. According to the vendor, the problem most likely occurred when hackers gained access to customer HTTP Archive files and copied browser activity, posing as users to access resources. Okta stated that it has taken steps to ensure that this doesn’t occur again. Okta was made aware of the incident by three of its competitors in the industry: 1Password, BeyondTrust, and Cloudflare.
Threat actors have previously targeted the security vendor’s technology, either once or twice. The new incident has a striking resemblance to a cyberattack in March 2022 that involved the compromise of a subprocessor utilized for customer care tasks.
Additionally, in September of this year, hackers gained access to the Okta agents—clients that communicate with an organization’s Active Directory—of Caesars Entertainment and MGM International.
The thin client that establishes a connection to an organization’s Active Directory is called Okta Agent. Through the use of social engineering and employee data obtained from LinkedIn, the hackers contacted the help desk in an attempt to get access, and by doing so, they were able to compromise the Okta agent and compromise the casinos’ IT infrastructure.