Latest News

Okta cybersecurity breach wipes out more than $2 billion in market cap


In this article


The Okta website on a laptop arranged in Dobbs Ferry, New York, on Feb. 28, 2021.
Tiffany Hagler-Geard | Bloomberg | Getty Images


Okta shares slumped more than 11% Friday after the company said an unidentified hacking group was able to access client files through a support system. The company did not provide more details beyond a set of technical identifiers.

The company’s stock continued to fall in Monday trading, ultimately closing down 8.1%.

Okta is a lesser-known name but forms a critical part of cybersecurity systems at major corporations. The identity management company boasts more than 18,000 customers who use its products to provide a single login point for many different platforms that a given company uses. Zoomfor example, uses Okta to give “seamless” access through a single login to the company’s GoogleServiceNowVMwareWorkday

Okta said it had communicated with all affected clients in Friday’s announcement. At least one of those clients said it had alerted Okta about a potential breach weeks earlier.

In a separate post Friday, privately held identity management firm BeyondTrust said it had told Okta’s security teams about suspicious activity in BeyondTrust’s own Okta systems on Oct. 2. Okta didn’t initially acknowledge the incident as a breach after BeyondTrust alerted the company, despite what BeyondTrust described as concerns that “there was a high likelihood of compromise within Okta support and that we were likely not the only customer impacted.”

Okta shares since the day it first acknowledged a support system breach.

Okta has also been at the center of other higher-profile incidents. Earlier this year, for example, casino giants CaesarsMGMpay millions in ransom to the hacking group, sources told CNBC. MGM had to shut down critical systems that the company acknowledged would have a material effect on its bottom line in an SEC filing.

The direct and indirect losses from those incidents totaled over $100 million. Both those attacks targeted MGM and Caesars’ Okta installations, using a sophisticated social engineering attack that went through IT help desks. Three other companies were also targeted by the hacking group, an Okta executive told Reuters.

Okta has also been a target before. A hacking group purportedly accessed numerous Okta systems in a March attempt. That group, Lapsus$, has been tied to hacking attacks at UberGrand Theft Auto maker Rockstar Games, a subsidiary of Take-Two InteractiveCybersecurity and Infrastructure Security Agency.

Okta did not immediately respond to CNBC’s request for comment.

WATCH: Okta shares fall after support system breach disclosed

Wall Street hikes forecasts for anti-obesity drug sales to $100 billion and beyond

Previous article

Biden-Backed Battery Firm Plunges After Pausing Construction

Next article

You may also like


Leave a reply

Your email address will not be published. Required fields are marked *

More in Latest News