Okta

Okta support case-management system breach

A threat actor used a stolen service-account credential — exposed via an employee's personal Google account — to access Okta's customer support case-management system, reading HAR files that contained session tokens and enabling session-hijacking against customers including 1Password, BeyondTrust and Cloudflare.

Victim

Okta