"Okta Passwords at Risk, New Research Shows"

Okta is one of the leading providers of authentication services and Identity and Access Management (IAM) systems, with a net worth of $13.6 billion and over 17,000 customers worldwide. However, the cloud incident response company Mitiga has discovered a potential post-exploitation attack vector in Okta that enables adversaries to read users' passwords in the Okta audit logs. This information allows adversaries to log in as those users, widening the attack's reach to the various platforms that Okta protects and gaining access to more systems. According to the research, the attacker only needs read access to the Okta audit logs to obtain user credentials. Mitiga emphasized that the logs could easily be used to match a password with a valid user, yielding credentials for that Okta account. Researchers found passwords in most of Okta's customer logs, including those belonging to administrators who can perform operations on behalf of other users. This article continues to discuss the post-exploitation attack method that enables adversaries to read Okta users' passwords.

Cybernews reports "Okta Passwords at Risk, New Research Shows"