December 22, 2022

Okta, the access management and identity provider, said that an attacker gained illegal entry to its private GitHub repositories and replicated some of its source code. It had earlier begun notifying customers via email of an incident in which an unidentified party stole the company’s source code.

This is the second security incident of the year. The most recent came to life when Okta was notified by GitHub in early December of possible suspicious access to its online code repositories. Okta determined after an investigation that someone had used that access to copy over its source code but had not gained unauthorized access to its identity and access management systems.

“Our investigation concluded that there was no unauthorized access to the Okta service, and no unauthorized access to customer data,” company officials said in a statement. “Okta does not rely on the confidentiality of its source code for the security of its services. The Okta service remains fully operational and secure.”

According to the statement, the copied source code only applies to the Okta Workforce Identity Cloud and not to any Auth0 products used with the company’s Customer Identity Cloud. Okta officials also stated that after learning of the breach, they temporarily restricted access to the company’s GitHub repositories and suspended GitHub integrations with third-party apps.

The sources for this piece include an article in BleepingComputer.