Identity and access management solution provider Okta announced that its private GitHub source code repositories were recently breached.
According to a security incident email notification Obtained by BleepingComputer, GitHub alerted Okta to suspicious access to its code repositories earlier this month. “After investigation, we concluded that such access was used to copy Okta code repositories,” according to the email.
Despite this development, the threat actors were unable to penetrate customer data or the Okta service. “No customer action is required and the Okta service remains fully operational and secure,” the email said.
What’s more, once Okta became aware of the potentially suspicious access, it says it placed temporary access restrictions on their GitHub repositories and suspended all GitHub integrations with third-party applications:
We’ve since audited all recent access to GitHub-hosted Okta repositories to understand the extent of exposure, reviewed all recent commits to GitHub-hosted Okta repositories to verify the integrity of our code, and replaced GitHub credentials. We have also notified the law enforcement authorities.
Additionally, we have taken steps to ensure that this code cannot be used to access company or customer environments. Okta does not anticipate any disruption to our business or our ability to serve our customers as a result of this event.
Okta says it will make a statement about the incident on its blog today.
This is just one of many security incidents Okta has endured this year. Back in March, the international hacker group Lapsus$ published screenshots that reveal that she accessed the company’s internal systems and customer data. And in September, Okta-owned Auth0 revealed that its source code repositories date from October 2020 onwards. were obtained by a third party.