1Password Detects Suspicious Activity Following Okta Support Breach

well-liked password organizer After the support system compromise, 1Password reported that it saw suspicious activity on its Okta instance on September 29. However, it emphasized that no user data was taken.

Pedro Canahuati, CTO of 1Password, stated in a notice on Monday, “We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing.”

After an IT team member shared a HAR file with Okta Support, the breach is believed to have happened via a session cookie, and the threat actor carried out the following series of actions:

  • attempted to access the user dashboard of the IT team member, however Okta stopped it
  • updated a pre-existing IDP connected to our output Google surroundings
  • Enabled the IDP
  • asked for an administrative user report.

The business claimed that once the member of the IT team received an email regarding read more 1Password Detects Suspicious Activity Following Okta Support Breach.

Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *