Okta Says Hackers Stole Data for All Customer Support Users

By Graham Starr | November 29, 2023

Okta Inc. has discovered that hackers who breached its network two months ago stole information on all users of its customer support system — a scope far greater than the 1% of customers the company had previously said were affected.

The company, which manages user authentication services for thousands of institutions, notified customers in a letter Nov. 28 that it has now determined the hackers downloaded a report containing data including names and email addresses for all clients in its customer support system. As a result, Okta warned customers may face an increased risk of phishing and social engineering attacks and urged them to use strong multifactor authentication. The company also said it pushed new security features and recommendations to defend against targeted attacks.

The newest findings underscore how the San Francisco-based firm continues to grapple with the fallout of the cyberattack first disclosed last month, when it estimated that about 184 clients — representing roughly 1% of customers — were affected. It wasn’t the first time Okta had been breached: A hacking group broke into its system last year and posted screenshots that appeared to show access to Okta accounts. Chief Executive Officer Todd McKinnon vowed after that attack to work to restore trust in Okta’s brand.


“We are working with a digital forensics firm to support our investigation and we will be sharing the report with customers upon completion,” Okta said in a statement.

Okta said in the customer notice that a recent audit found more data was stolen than the company had initially thought, prompting the firm to revise its findings. It also discovered that some Okta employee information was included in stolen reports, according to the customer notice reviewed by Bloomberg.

The customer report contained fields for customer user names, company names and mobile phone numbers, Okta said, while noting that the majority of the fields were blank and didn’t include credentials or sensitive personal data. For more than 99% of customers listed in the report, Okta said, contact information consisted of full names and email addresses.

Many of the affected users of the customer support system are Okta administrators, according to the company’s notice.

Shares were up about 1% at $74.38 at 7:22 a.m. New York time after the company reported third-quarter adjusted earnings that surpassed analysts’ estimates. It also forecast adjusted earnings of 50 cents to 51 cents a share for the fourth quarter, beating the 36-cent average of Wall Street estimates.

Photo: Photographer: Tiffany Hagler-Geard/Bloomberg

Topics Cyber

Was this article valuable?

Here are more articles you may enjoy.