Beyond Identity Was Not Impacted By The Recent Okta Security Incident
Most of you have already heard the news of another Okta breach disclosed this past week.
- October 20th - Tracking Unauthorized Access to Okta's Support System - from Okta
- October 20th - BeyondTrust Discovers Breach of Okta Support Unit - from BeyondTrust
- October 20th - How Cloudflare mitigated yet another Okta compromise - from Cloudflare
In line with our promise to protect our customers, while we did not receive a breach notification from Okta, we conducted a thorough investigation to ensure we were not impacted. Using an extensive review of logs and our Security Insights and Risk Analytics events, we conclusively determined that our environment was not compromised and no Beyond Identity customers were impacted.
Okta has disclosed that the breaches in customer environments are linked to HTTP Archive (HAR) files, which are occasionally gathered for support cases and can contain unsanitized cookies, leaving those sessions vulnerable to adversarial hijacking. Although Okta suggests sanitizing any credentials and cookies/session tokens within HAR files prior to sharing, it falls short of offering any concrete methods for doing so.
To close this security gap for our customers, Beyond Identity has developed a tool designed to sanitize HAR files. This tool has been released as open-source and is officially distributed and supported by Beyond Identity, providing a clear and tangible solution for the issue at hand.
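The sanitization Okta recommends amounts to walking the HAR's JSON structure and redacting every place a credential can appear, as in the following added example, which is not Beyond Identity's tool or code from this post. The function names, the `SENSITIVE_HINTS` list and the sample HAR are assumptions made for illustration.

```python
import copy
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

REDACTED = "REDACTED"
# Header names that carry credentials or session state.
SENSITIVE_HEADERS = {"cookie", "set-cookie", "authorization", "proxy-authorization"}
# Assumed substrings marking a secret-bearing header, query or form field name.
SENSITIVE_HINTS = ("token", "session", "secret", "password", "apikey", "api_key")

# Constructed sample input; host, names and values are made up.
SAMPLE_HAR = {"log": {"version": "1.2", "entries": [{
    "request": {
        "url": "https://idp.example.test/app?sessionToken=abc123&page=2",
        "headers": [{"name": "Cookie", "value": "sid=s3cr3t"},
                    {"name": "Accept", "value": "*/*"}],
        "cookies": [{"name": "sid", "value": "s3cr3t"}],
        "queryString": [{"name": "sessionToken", "value": "abc123"}]},
    "response": {"headers": [{"name": "Set-Cookie", "value": "sid=n3w; HttpOnly"}]}}]}}

def _is_sensitive(name):
    low = name.lower()
    return low in SENSITIVE_HEADERS or any(h in low for h in SENSITIVE_HINTS)

def _scrub_pairs(pairs, redact_all=False):
    for pair in pairs or []:
        if redact_all or _is_sensitive(pair.get("name", "")):
            pair["value"] = REDACTED

def _scrub_url(url):
    # The request URL repeats the query string, so redact it there too.
    parts = urlsplit(url)
    query = [(k, REDACTED if _is_sensitive(k) else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))

def sanitize_har(har):
    """Return a deep copy of a parsed HAR with cookies and credentials redacted."""
    clean = copy.deepcopy(har)
    for entry in clean.get("log", {}).get("entries", []):
        request, response = entry.get("request", {}), entry.get("response", {})
        request["url"] = _scrub_url(request.get("url", ""))
        for msg in (request, response):
            _scrub_pairs(msg.get("headers"))
            _scrub_pairs(msg.get("cookies"), redact_all=True)
        _scrub_pairs(request.get("queryString"))
        post = request.get("postData") or {}
        _scrub_pairs(post.get("params"))
        if "text" in post:  # the raw body can repeat the same secrets
            post["text"] = REDACTED
    return clean
```

Response bodies (`response.content.text`) and headers such as `Referer` can also embed tokens and are not touched here, so review them before sharing the file.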
As a security company addressing identity problems, we value the trust you place in us and are committed to upholding the highest standards of security and transparency. This breach serves as a reminder of the critical importance of phishing-resistant authentication, hardware-backed credentials, and device trust across all employees, contractors, and partners. We strongly advise our Okta customers to evaluate their environments and ensure that any accounts or groups not protected by Beyond Identity have adequate compensatory protections.
Should you have any concerns or questions regarding this matter, please do not hesitate to contact our support team at [email protected].