GitHub repositories belong to Okta were hacked by threat actors and the source code were stolen
Okta temporarily restricted access to GitHub repositories and suspended all GitHub integrations with third-party apps and reviewed all recent commits to Okta software repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials.
According to the notification, intruders did not gain access to its service or customer data.
Okta informed the law enforcement. Okta states that “HIPAA, FedRAMP, or DoD customers” were not affected.
The incident is related to the Okta Workforce Identity Cloud (WIC) code repositories and doesn’t impact Auth0 Customer Identity Cloud products.
In March 2022, Okta confirmed a data breach by the ransomware group LAPSUS$, and in September, Auth0, which is owned by Okta, reported the theft of its old source code.