Okta Broadens Scope of Data Breach: All Customer Support Users Affected

[rbc]

Okta says the hackers who broke into its support case management system stole names and email addresses of all its customer support system users, an admission that significantly expands the impact of the October incident.

Okta originally claimed that only 134 customers (less than 1% of its customer base) was affected but in a fresh update posted Wednesday, Okta security chief David Bradbury said the threat actor hijacked data from all Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers, except for those in specific government-grade environments.
[...]
Okta Broadens Scope of Data Breach: All Customer Support Users Affected

[rbc]

KrebsonSecurity is also following this story:

When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. But today, Okta revised that impact statement, saying the attackers also stole the name and email address for nearly all of its customer support users.
[...]
Okta: Breach Affected All Customer Support Users