Identity access management vendor Okta has released an update following an investigation into a hack this fall on its systems, revising the number of impacted customers up from less than 1% to a staggering 100%.

A blog post dated Nov. 29 from Okta chief security officer David Bradbury explained that an analysis of a breach from September revealed that an unauthorized user was able to run a report on Sept. 28 containing data on every user of Okta’s customer support system, which leaked the following data: company name, contact information, user name, role description, and a “collection of other data.” This type of information could be useful to threat actors in launching social engineering attacks, like the ones that leveraged Okta to breach MGM Resorts and Caesars Entertainment.

Thus, Okta is warning all of its customers to be prepared for similar phishing and social engineering cyber-scams.

“Given that names and email addresses were downloaded, we assess that there is an increased risk of phishing and social engineering attacks directed at these users,” Bradbury wrote. “While 94% of Okta customers already require MFA [multifactor authentication] for their administrators, we recommend all Okta customers employ MFA and consider the use of phishing-resistant authenticators to further enhance their security.”

The company added that it does not have any evidence the compromised Okta customer data is being actively exploited yet, however. Even so, cybersecurity experts advise Okta customers to focus on cybersecurity best practices, including user training.

“What is needed to secure Okta customers is a focus on best practices; for example, 6% of their users do not have multifactor authentication enabled,” says Viakoo CEO Bud Broomhead. “Likewise, setting session timeouts or requiring reauthentication for sessions from a new IP address should be done across all Okta users.”

Okta Breach Brand & Financials Ramifications

That bit of bad news for Okta customers was tempered by another piece of data out of Okta on Nov. 29. According to its latest quarterly financial report, the company announced that it has seen a more than 20% increase in revenues. The bottom-line growth increase is marked for the quarter ending Oct. 31, the same quarter Okta’s systems were used in high-profile breaches of MGM and Caesars.

“Our Q3 performance was highlighted by solid top-line growth, record non-GAAP operating profit, and record free cash flow,” Todd McKinnon, CEO and co-founder of Okta, said in a statement about the company’s earnings. “We are particularly enthusiastic about the adoption of Okta Identity Governance and the general availability of Okta Privileged Access, which uniquely positions us as the only unified modern identity platform. Over 18,800 leading organizations around the world put their trust in Okta and we are thankful for their continued partnership.”

The news of the leaked customer data did drive down Okta stock prices when it happened, but the investor fallout appears to be hovering in the single digits.

That said, the time lag for sales revenues to be impacted by major cyber incidents like the ones Okta has experienced should be taken into account when analyzing whether the breach impacted the brand, according to Jasson Casey, CEO of Beyond Identity.

“The sales cycle for midmarket customers is typically three to four months, while the enterprise sales cycle can be six-plus months,” Casey tells Dark Reading. “Revenue numbers being reported today don’t reflect the market’s processing and intake of the latest news.”

However, Casey tells Dark Reading that personally, he’s seeing a market shift away from Okta.

“Anecdotally, we’re seeing a large number of companies actively search for migration pathways from Okta to other SSO [single sign-on] platforms due to the continued string of news related to Okta security practices,” he adds. “Okta has a hard road in front of them to convince the mid/enterprise market that security is a foundational principle given their continued missteps over the last two years.”

Okta declined to comment on customer reactions to the compromise.

• SEO Powered Content & PR Distribution. Get Amplified Today.
• PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
• PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
• PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
• PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
• Source: https://www.darkreading.com/application-security/otka-breach-widens-entire-customer-base