US identity and access management company Okta has been hacked. The company itself confirms this. This allowed attackers to view customer data through the customer service management system.

Hackers were able to gain access to Okta customer data. The attackers managed to view the data by breaking into the customer service management system. The American company’s chief security officer, David Bradbury, confirmed this in a statement.

Even looking is not allowed

The break-in was carried out using stolen credentials. It is not explained how the theft could have occurred. Files uploaded by a number of Okta customers as part of recent cases were reviewed.

Okta emphasizes that this department is separate from operational activities, which are unaffected and fully functional. Everyone affected by this attack has been notified by the company. Okta recommends customers download an HTTP archive (HAR) file that the team can use to troubleshoot issues.

Okta’s security team worked with a number of customers in its investigation. A number of session tokens were also revoked. In general, Okta recommends sanitizing credentials, session tokens, and cookies in a HAR file before sharing.

Earlier this year, Okta launched Device Access, a security solution for hybrid work situations. The company will also work with Google’s Vertex AI to further integrate artificial intelligence into its systems.