"Okta Source Code Stolen by Hackers"
Identity and access management solutions provider Okta recently informed customers that some of the company’s source code was stolen recently from its GitHub repositories. Okta was informed about the breach in early December by GitHub. An investigation showed that hackers accessed Okta’s repositories and copied code associated with Workforce Identity Cloud (WIC). Okta noted that the good news is that the source code should not contain any information that can pose a security risk for Okta products. In addition, the company says there is no evidence of unauthorized access to the Okta service or customer data and that Auth0 (Customer Identity Cloud) products are not impacted. The company stated that when they learned of the possible suspicious access, they promptly placed temporary restrictions on access to Okta GitHub repositories and suspended all GitHub integrations with third-party applications. Okta has reviewed recent code changes to ensure that the attackers have not made any malicious modifications and rotated GitHub credentials. This is not the only security incident disclosed by Okta this year. The company was targeted by the notorious Lapsus$ hackers in early 2022.