Okta concludes its investigation into the January 2022 compromise

firstSpeaker4y ago· 2 in thread

Is there any reason they do not mention who is the "globally recognized cybersecurity firm"? Also I did not find them mentioning anything about honesty :).

GauntletWizard4y ago

Yes, that the cybersecurity firm found a big enough trashfire that they don't want their name associated. If there were a competent security firm, there would be a detailed timeline (perhaps not in this post, but linked from it) of "Hacker got access, did X, Y, Z. Last access using compromised token was at A and token expired automatically at B". The other alternative is they hired Kaspersky and don't want to mention that for obvious reasons.

If you are still on Okta in a month, you should be held criminally liable when the next hack happens.

mc324y ago

I think we should expect SAML providers to be compromised. Given that, we need to design systems around that assumption. Google gets hacked, Azure gets hacked, Okta now. No one is impervious.

Now, that said, Okta should be more open in order to engender trust. I think this is where you are going with the comment and in this I agree.

aaaaaaaaata4y ago

Is there anyone building their SaaS with security-first principles?

postingposts4y ago

Summary from the article: Someone got access. We don’t know who or why. They didn’t change anything and we will assert they couldn’t have. We will be throwing a contractor we work with under the bus for this one.

Okta concludes its investigation into the January 2022 compromise (opens in new tab)

Okta concludes its investigation into the January 2022 compromise (opens in new tab)

5 comments

5 comments