Bill Toulas reports: Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached. Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single Sign-On (SSO), multi-factor authentication (MFA), and API access management services are used by thousands of organizations worldwide….
Category: Business Sector
Wawa Data Breach Settlement’s $3 Million Lawyers Fee Rejected
Jennifer Kay reports: A federal appeals court has vacated over $3 million in attorneys’ fees awarded as part of a $12.2 million data breach settlement against Wawa Inc. The fee award issue now is remanded to the district court “to take a closer look at the reasonableness of the attorney’s fees in proportion to class…
1Password, Cloudflare affected by Okta compromise
Jonathan Greig reports: Password manager 1Password and cybersecurity and networking giant Cloudflare were targeted by hackers following the breach affecting single sign-on provider Okta, according to statements from both companies. First reported by Ars Technica and later confirmed in a blog post directly from company chief technology officer Pedro Canahuati, 1Password said it detected suspicious activity on its Okta instance that…
Cisco IOS XE threat actors hide their tracks, find other zero-days
Catalin Cimpanu writes: Over the past three days—since our last newsletter edition—the situation around the latest zero-day attacks targeting Cisco IOS XE devices has drastically changed, and we feel the need to cover it in our featured section and provide a short summary of what has been going on. Although these attacks have been taking…
Hackers Stole Access Tokens from Okta’s Support Unit
Brian Krebs reports: Okta, a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a “very small number” of customers, however it appears the hackers responsible had access…
France frees the two biggest Spanish hackers
The following is from a machine translation of an article by Luis F. Duran that appeared at El Mundo on October 18: Last Thursday, French Justice released two Spanish hackers, aged 26 and 28, arrested last summer on charges of attacking 26 French companies from which they supposedly demanded million-dollar ransoms. After the investigation and the…