How Okta get hacked? An Employee using a personal email account in Chrome


During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop,” Bradbury wrote. “The username and password of the service account had been saved into the employee’s personal Google account. The most likely avenue for exposure of this credential is the compromise of the employee’s personal Google account or personal device.”

This means that when the employee logged into the account on Chrome while it was authenticated to the personal Google account, the credentials got saved to that account, most likely through Chrome’s built-in password manager. Then, after compromising the personal account or device, the threat actor obtained the credentials needed to access the Okta account.

Previous Story

MasTec Employees May Be the Victim of MOVEit Data Breach Occurring at Delta Dental

Next Story

Blue Cross Blue Shield of Illinois Provides Notice of Data Breach to TTEC Healthcare Employees