Password Authenticator Okta Says Hackers Stole Names and Email Addresses of All Its Customer Support Users The breach took place in September.

By Jyoti Mann

Key Takeaways

  • Okta said hackers stole a report with names and email addresses of all customer support users.
  • Those users face an "increased risk of phishing," the password authenticator said in a blog.
  • Okta said earlier this month that 1% of customers were affected by the September breach.
SOPA Images/Getty via Business Insider.
Okta first revealed the hack in September.

This article originally appeared on Business Insider.

Okta's recent data breach was a lot bigger than previously disclosed.

The password authenticator was hit by a cyberattack in September and said earlier this month that just 1% of its customers were affected.

But in a blog post Wednesday, Okta said hackers stole a report that included the names and email addresses of "all Okta customer support system users."

David Bradbury, Okta's chief security officer, said in the post: "While we do not have direct knowledge or evidence that this information is being actively exploited, there is a possibility that the threat actor may use this information to target Okta customers via phishing or social engineering attacks."

Bradbury advised all customers to use multi-factor authentication, which requires more than one security test, to keep their information safe online.

San Francisco-based Okta offers companies identity management tools including single sign-in and multi-factor authentication for secure website logins. The company has more than 18,000 corporate clients including FedEx, S&P Global, T-Mobile and Zoom, per its website.

The company also suffered at least two security breaches last year, TechCrunch reported. A group of hackers called Lapsus$ extortion group accessed a customer support engineer's account in January 2022 and shared screenshots of Okta's systems, per the report.

Then in August hacking group Scatter Swine gained access to Okta customer data, it claimed in a blog post, breaching more than 100 companies including software firm Twilio.

Okta didn't immediately respond to a request for comment from Business Insider, made outside normal working hours.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Related Topics


Mastering the Skill of Convincing Stakeholders to Approve and Execute Ideas

There's a big difference between approval-seeking and being your own biggest advocate.

Side Hustle

These Are the Highest-Paying Side Hustles for a Single Day of Work

Earn the most money in the least amount of time.

Business News

TikTok's CEO Is an Honorary Chair at the 2024 Met Gala

Conde Nast's Chief Content Offer, Anna Wintour, made the announcement Thursday.

Starting a Business

For Years, This Black Founder Learned an Uncommon But Essential Craft on the Side. Now His Creations Are Beloved By Celebrity Chefs — and Can Sell for More Than $1,000.

A chance encounter with a legendary knifemaker would lead Quintin Middleton, owner of Middleton Made Knives, to follow his long-time passion into business.

Growing a Business

3 Business Basics to Remember in 2024

Here are three fundamental tips that will help every SMB this year.