Deep Dive – OKTA Data Breach
OKTA Data Breach
Even security providers aren’t immune
How does a company specializing in Identity and Access Management like OKTA suffer a data breach? In this case, a service account password was inadvertently saved by an OKTA employee to their personal Google account, which led to the credentials being leaked. This incident exposed a significant gap in compliance and highlighted how human error can result in even the most well-respected cybersecurity companies being compromised. In our latest Deep Dive, Tim Timmermans (CISO ON2IT) and Rob Maas (Field CTO ON2IT) join host Lieuwe Jan Koning to unpack how this breach occurred, and what lessons we can all learn from it. If even cybersecurity companies are vulnerable, how can you ensure your organization stays protected?
Infographic
For a complete overview of the Accellion FTA breach and other attacks featured in the Bridging the Gap: Compliance and Security Threat Talks, download the infographic.
Your cybersecurity experts
Lieuwe Jan Koning
Co-Founder and CTO, ON2IT Group
Rob Maas
Field CTO, ON2IT
Tim Timmermans
CISO the Netherlands, ON2IT
Episode details
When customer support gets hacked
In October 2023, OKTA—a leader in Identity and Access Management (IAM)—faced a security incident due to a mix of compliance issues and human error. It all started when an OKTA employee, while logged into their personal Google account, accidentally saved a service account password through Chrome.
The breach was uncovered when companies like 1Password, BeyondTrust, and Cloudflare flagged suspicious activity to OKTA.
For this Deep Dive into the OKTA data breach, host Lieuwe Jan Koning is joined by CISO Tim Timmermans and Field CTO Rob Maas of ON2IT.
Rob walks us through all the steps the attacker took: from how the credentials were likely leaked after the employee saved them to his personal Google account, to how the login details were then used to extract HAR files.
Tim explains what could have been done differently: had OKTA employed controls like MFA and better endpoint protection, this attack could’ve easily been prevented.
Curious what steps could’ve been taken? Tune in for this Deep Dive and find out!