- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
Okta hackers stole data on all customer support users, company says::The hack was worse than initially believed, with every client having some data stolen in the breach, the cybersecurity company warned.
I’d argue a lot of these articles are missing the bigger point here. Okta appears to have gaslit their customer base.
Coming forward with a substantially worse finding than the initial one in October is not good. This probably means someone wanted to rush out the memo that “fewer than 1%” of customers were impacted without diligence in their investigation. This is worsened by the fact that they had a breach near the start of this year.
Best case, this was a process failure when analyzing the impact of the breach. While process failures can be fixed, this erodes trust and calls into question how they missed this information.
Worst case, though? The initial set of findings was a cheap attempt at trying to save face and sweep the news under the rug, but they were caught when they could no longer plausibly say “less than 1% of customers” were affected. This feels like a lie. A lie about anything related to security destroys trust quickly.
Going forward, I think there will be a lot of skepticism around Okta’s investigations of their breaches and the trust lost will be very difficult to regain.