Okta's stock plunges after security breach
47 points by champagnepapi 1 year ago | 27 comments
- ChrisArchitect 1 year ago
Related earlier:
Hackers Stole Access Tokens from Okta's Support Unit
- candiddevmike 1 year ago
That SolarWinds is still in business and also had another security breach recently should tell you everything you need to know about the real impact of these things in the long term. Okta's stock may be down but it will go back up once collective amnesia sets in.
What would be more interesting is figuring out how you could claim some kind of injury as an Okta customer due to this incident...
- baz00 1 year ago
Yes. No one really gives a shit if their vendors are hacked. They are just happy that they have someone else to point at from a risk perspective. "They had all these third party certifications that said it was safe. It wasn't our fault."
This isn't really the right approach because it really shows that you don't give a shit about your customers either and only care about covering your ass.
- itsthebiz 1 year ago
Companies pay lip service to idiots to collect cash from said idiots. Mentioning this tends to make the dumbass business goons have a frowny face reaction. (It's better to pay lip service than admit one is a morally adrift turd.)
- JohnMakin 1 year ago
That works as long as a breach like this doesn't destroy your entire business.
- baz00 1 year ago
Don't think they have that level of foresight.
- JumpCrisscross 1 year ago
> What would be more interesting is figuring out how you could claim some kind of injury as an Okta customer due to this incident
The lack of attributable damage is why this isn’t taken seriously.
- toddmorey 1 year ago
I feel like it will bounce back... this breach was the support case management system, separate from the production Okta service. Still embarrassing for sure, still risk of confidential info exposed, but doesn't seem to impact core infrastructure.
- MattPalmer1086 1 year ago
Apparently customers upload HTTP archive files to the support system which can include session tokens for their actual systems.
So it allows attackers to compromise Okta's customers core infrastructure.
- RexM 1 year ago
Down over 11% on Friday if you just wanted to know how much it dropped.
- dheera 1 year ago
I never get why stocks drop on security breaches.
It means they learned something, and they are now stronger as a company and are less likely to have the same security breach happen again. Seems like a time to buy if you ask me.
- idopmstuff 1 year ago
In this case it's because it's a security company, so in theory it's reputationally bad for them and could impact customer renewals and new sales.
- evan_ 1 year ago
Not to mention lawsuits and fines.
- AnonC 1 year ago
Since this is a general comment, here are some general responses.
> It means they learned something,
That’s debatable.
> and they are now stronger as a company
Really not sure we can assume this unless the company is transparent, quickly apologetic and clearly says what it will do.
> and are less likely to have the same security breach happen again
If there's one thing I've seen in the industry, companies change because their people change and policies change and external pressures change. There is absolutely no way to be over-optimistic and believe that things won't get far worse in the future.
Information security doesn’t get a lot of long term attention. There’s too much fatigue by constant breaches and leaks that companies do the minimum PR to let it slide in a few days or weeks. Even any government hearings will be met with PR statements and sentences that nobody actually believes.
- grvdrm 1 year ago
Smart response.
To add to your thinking:
Stronger: How much stronger? How do you measure? How do you test?
Less Likely: How much less likely? And could it instead make them more likely to see attacks since they've been exposed.
It doesn't take much to lose sight of proper controls, processes, etc. Something simple like team turnover can cause something to be missed.
Also, re: transparency, it's going to be interesting to see how companies handle the SEC's new rule regarding material cybersecurity issues.
Clorox, as an example, has released multiple 8-Ks recently as they continue to work through their August incident.
- wkat4242 1 year ago
You would hope they learned something. This isn't always the case.
Also, they are a company that others rely on for security. In this case they failed to do their job.
It's pretty similar to the LastPass hack. Do you still trust them?
- dheera 1 year ago
> It's pretty similar to the LastPass hack. Do you still trust them?
I didn't trust them before (and never used them) but I might trust them more now.
Do you trust first-time plumbers or veteran plumbers that have f-ed up a couple times and learned a few things?
- quantified 1 year ago
Perhaps. It doesn't say anything about their likelihood of having yet another breach. After all, this isn't the first.
- vuln 1 year ago
BeyondTrust Discovers Breach of Okta Support Unit
https://www.beyondtrust.com/blog/entry/okta-support-unit-bre...
- 1-6 1 year ago
Sometimes I wonder if Okta's 5% layoff in 2023Q1 can leave security holes. The savings from layoffs is certainly not worth a stock plunge.
Edit: Headline needs to desensationalize a bit. -11.57% isn't too bad.
- AtNightWeCode 1 year ago
I wonder what was really achieved when we left basic auth with sessions and moved to web tokens. None of these JWT services handles logouts as far as I know. It is just a more complex way of doing just about the same thing.
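The logout question raised in the comment above comes down to server-side state: a bearer JWT is valid until `exp` unless the verifier keeps a revocation record. The following is an added example, not code from the original thread or from any vendor mentioned in it. It mints a short-lived HS256 JWT with a unique `jti`, and implements logout as "record that `jti` until the token would have expired anyway", which bounds the size of the revocation list. The signing key, the subject `alice` and the `jti` values are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key; a real service would load it from a secret store.
SIGNING_KEY = b"constructed-demo-key-do-not-reuse"
ALG = "HS256"


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(signing_input: str) -> bytes:
    return hmac.new(SIGNING_KEY, signing_input.encode("ascii"), hashlib.sha256).digest()


def issue_token(sub: str, jti: str, now: int, ttl: int = 900) -> str:
    """Mint a short-lived HS256 JWT that carries a unique jti so it can be revoked."""
    def enc(obj) -> str:
        return _b64url(json.dumps(obj, separators=(",", ":")).encode("utf-8"))
    header = {"alg": ALG, "typ": "JWT"}
    payload = {"sub": sub, "jti": jti, "iat": now, "exp": now + ttl}
    signing_input = f"{enc(header)}.{enc(payload)}"
    return f"{signing_input}.{_b64url(_sign(signing_input))}"


class RevocationList:
    """The server-side state that makes logout possible: revoked jti -> exp.
    An entry is only needed until the token would have expired on its own."""

    def __init__(self) -> None:
        self._revoked: dict[str, int] = {}

    def revoke(self, jti: str, exp: int) -> None:
        self._revoked[jti] = exp

    def is_revoked(self, jti: str) -> bool:
        return jti in self._revoked

    def purge(self, now: int) -> int:
        """Drop entries whose token has expired anyway; returns how many were dropped."""
        stale = [j for j, exp in self._revoked.items() if exp <= now]
        for j in stale:
            del self._revoked[j]
        return len(stale)


def verify_token(token: str, revocations: RevocationList, now: int):
    """Return the payload when signature, alg, expiry and revocation checks all pass, else None."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    signing_input = f"{parts[0]}.{parts[1]}"
    try:
        # Constant-time comparison of the recomputed MAC against the presented one.
        if not hmac.compare_digest(_sign(signing_input), _b64url_decode(parts[2])):
            return None
        header = json.loads(_b64url_decode(parts[0]))
        payload = json.loads(_b64url_decode(parts[1]))
    except ValueError:  # bad base64 or bad JSON
        return None
    if header.get("alg") != ALG:  # never let the token choose the algorithm
        return None
    if not isinstance(payload.get("exp"), int) or payload["exp"] <= now:
        return None
    if revocations.is_revoked(payload.get("jti", "")):
        return None
    return payload


def logout(token: str, revocations: RevocationList, now: int) -> bool:
    """Logout = verify, then remember the jti until exp. False if the token was not valid."""
    payload = verify_token(token, revocations, now)
    if payload is None:
        return False
    revocations.revoke(payload["jti"], payload["exp"])
    return True


if __name__ == "__main__":
    now = 1_700_000_000
    rl = RevocationList()
    tok = issue_token("alice", "jti-1", now)
    print("valid before logout:", verify_token(tok, rl, now + 10) is not None)
    logout(tok, rl, now + 10)
    print("valid after logout:", verify_token(tok, rl, now + 20) is not None)
```

The cost of this design is that every verifier must consult the revocation list, which is the shared state JWTs were supposed to avoid; keeping `ttl` short keeps the list small and bounds how long a stolen token stays useful even when no logout ever happens.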
- Ashwizard1 1 year ago
What security tools would have prevented this type of session hijacking attack? CyberArk EPM? HashiCorp Vault/Boundary?
- nonameiguess 1 year ago
The company just has to actually care about the security of peripheral systems like this that aren't directly a part of their product offering. Okta has more than sufficiently smart admins who can prevent session tokens from being stolen, but I'm willing to bet their attention is devoted 95% at least to Okta itself and not their external help desk that they probably don't even run themselves. Attackers will always find your weakest link, whatever you think is too insignificant to devote effort to.
- vel0city 1 year ago
How about not attaching the session tokens to support tickets for a start?
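MattPalmer1086's point above (HAR files uploaded to support carry live session tokens) and vel0city's reply (don't attach them) both come down to the same practical control on the customer side: redact the archive before it leaves your machine, then check that it is actually clean. The following is an added example, not code from the original thread, from Okta or from any vendor named in it. It walks a HAR 1.2 document and blanks credential headers, cookie values and token-like query parameters, drops request and response bodies by default (an authentication response body is exactly where a session token tends to sit), and then re-scans the serialized result for a list of strings that must not leave. The sample capture, its hostname `sso.example.invalid` and its `SECRET-...` values are constructed for the demo; the header and parameter name lists are heuristics, not a complete inventory.

```python
import copy
import json
from urllib.parse import urlencode, urlsplit, urlunsplit

# Header names that carry credentials (compared case-insensitively).
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie", "set-cookie"}
# Substrings that mark a query parameter as token-like; a heuristic, extend as needed.
SENSITIVE_PARAM_MARKERS = ("token", "session", "sid", "code", "key")
REDACTED = "[REDACTED]"


def scrub_har(har: dict, keep_bodies: bool = False) -> dict:
    """Return a redacted deep copy of a HAR 1.2 document; the input is left untouched."""
    out = copy.deepcopy(har)
    for entry in out.get("log", {}).get("entries", []):
        for side in ("request", "response"):
            msg = entry.get(side)
            if not msg:
                continue
            for header in msg.get("headers", []):
                if header.get("name", "").lower() in SENSITIVE_HEADERS:
                    header["value"] = REDACTED
            for cookie in msg.get("cookies", []):
                cookie["value"] = REDACTED
            for param in msg.get("queryString", []):
                name = param.get("name", "").lower()
                if any(marker in name for marker in SENSITIVE_PARAM_MARKERS):
                    param["value"] = REDACTED
            if side == "request" and msg.get("queryString"):
                # The url field repeats the query string, so rebuild it from the redacted params.
                parts = urlsplit(msg.get("url", ""))
                query = urlencode([(p.get("name", ""), p.get("value", "")) for p in msg["queryString"]])
                msg["url"] = urlunsplit((parts.scheme, parts.netloc, parts.path, query, parts.fragment))
            if not keep_bodies:
                if side == "request" and "postData" in msg:
                    msg["postData"]["text"] = REDACTED
                if side == "response" and "content" in msg:
                    msg["content"]["text"] = REDACTED
    return out


def find_leaked(har: dict, secrets) -> list:
    """Return the known secret strings still present anywhere in the serialized HAR.
    Run this on the redacted copy before uploading; only an empty list is acceptable."""
    blob = json.dumps(har)
    return [s for s in secrets if s in blob]


# Constructed sample capture (not a real one): one sign-in round trip with four secrets in it.
SECRETS = ["SECRET-SID-123", "SECRET-BEARER-456", "hunter2", "SECRET-SESSION-TOKEN-789"]
SAMPLE_HAR = {
    "log": {
        "version": "1.2",
        "entries": [
            {
                "request": {
                    "method": "POST",
                    "url": "https://sso.example.invalid/api/v1/authn?state=xyz&sessionToken=SECRET-SESSION-TOKEN-789",
                    "headers": [
                        {"name": "Cookie", "value": "sid=SECRET-SID-123"},
                        {"name": "Authorization", "value": "Bearer SECRET-BEARER-456"},
                        {"name": "User-Agent", "value": "example-browser/1.0"},
                    ],
                    "cookies": [{"name": "sid", "value": "SECRET-SID-123"}],
                    "queryString": [
                        {"name": "state", "value": "xyz"},
                        {"name": "sessionToken", "value": "SECRET-SESSION-TOKEN-789"},
                    ],
                    "postData": {
                        "mimeType": "application/json",
                        "text": "{\"username\":\"alice\",\"password\":\"hunter2\"}",
                    },
                },
                "response": {
                    "status": 200,
                    "headers": [
                        {"name": "Set-Cookie", "value": "sid=SECRET-SID-123; Path=/; HttpOnly; Secure"},
                        {"name": "Content-Type", "value": "application/json"},
                    ],
                    "cookies": [{"name": "sid", "value": "SECRET-SID-123"}],
                    "content": {
                        "mimeType": "application/json",
                        "text": "{\"sessionToken\":\"SECRET-SESSION-TOKEN-789\"}",
                    },
                },
            }
        ],
    }
}

if __name__ == "__main__":
    print("leaked before scrub:", find_leaked(SAMPLE_HAR, SECRETS))
    print("leaked after scrub: ", find_leaked(scrub_har(SAMPLE_HAR), SECRETS))
```

The second check is the important part: header and cookie redaction alone is not enough, because with `keep_bodies=True` the password in the request body and the session token in the response body survive, which is why bodies are dropped unless support explicitly needs them.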
- baz00 1 year ago
Security person who thinks tools first needs to get clue stick first.
- Unfrozen0688 1 year ago
Another security breach? I know about the Lactus?(sp) one a few months or years ago.
- ronsor 1 year ago
I think the LAPSUS$ breach used a different vector.