Hackers compromised Okta’s private GitHub repos

Ryan Daws is a senior editor at TechForge Media, with a seasoned background spanning over a decade in tech journalism. His expertise lies in identifying the latest technological trends, dissecting complex topics, and weaving compelling narratives around the most cutting-edge developments. His articles and interviews with leading industry figures have gained him recognition as a key influencer by organisations such as Onalytica. Publications under his stewardship have since gained recognition from leading analyst houses like Forrester for their performance. Find him on X (@gadget_ry) or Mastodon (@gadgetry@techhub.social)


Okta says hackers compromised its private GitHub repos earlier this month and stole its source code.

BleepingComputer got hold of a “confidential” email notification sent by Okta to its “security contacts” about the breach.

The Identity and Access Management (IAM) solutions leader says GitHub alerted Okta to the suspicious access earlier this month.

“Upon investigation, we have concluded that such access was used to copy Okta code repositories,” wrote Okta CSO David Bradbury in the notification email.

Okta claims the hackers did not access the Okta service or customer data. Furthermore, the company temporary access restrictions to their GitHub repos and suspended all GitHub integrations with third-party applications.

“We have since reviewed all recent access to Okta software repositories hosted by GitHub to understand the scope of the exposure, reviewed all recent commits to Okta software repositories hosted with GitHub to validate the integrity of our code, and rotated GitHub credentials. We have also notified law enforcement,” added Bradbury.

“Additionally, we have taken steps to ensure that this code cannot be used to access company or customer environments. Okta does not anticipate any disruption to our business or our ability to service our customers as a result of this event.”

Okta plans to publish a statement about the incident on its blog today.

(Photo by Richy Great on Unsplash)

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: , , , , ,

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *