I looked it up: Okta is a corporate identity management service, they handle stuff like SSO, logins, AD, etc...
So I see why they are targeted.
Yeah, they handle SSO between platforms. Not the registrations though.
They just handle the SSO part, if you have three systems connected, you need to sync the users between them on your own, then they can log them in to all three .
I understood some of those words!
They build digital corridors so at your workplace you can use multiple different applications without having to login every time.
Hopefully all of them except maybe SSO
That's not completely true. That's often the ideal way to use them (especially with integrating pre-existing applications). But they do offer (crappy) user stores in their auth0 product which can handle registration including UI.
Interesting, I guess they don't offer that for all platforms.
And they work with federal contractors. So double the reason to target them.
including names and email addresses
By now, that's been stolen from so many companies that I wonder how much new info is really being compromised compared to what's already out there. Speaking anecdotally, my spam already comes personalized. Like, even the obviously-not-from-a-partner phishy-looking stuff.
True, but I think the point here is context. What the hackers get here is the context that X recipient gets email on X address from Okta so I'd more likely than not to respond.
In my experience, Customer Support Users often have access to fuck shit up pretty good.
Chrysler login for scanning their vehicles uses okta
I looked it up: Okta is a corporate identity management service, they handle stuff like SSO, logins, AD, etc...
So I see why they are targeted.
Yeah, they handle SSO between platforms. Not the registrations though.
They just handle the SSO part, if you have three systems connected, you need to sync the users between them on your own, then they can log them in to all three .
I understood some of those words!
They build digital corridors so at your workplace you can use multiple different applications without having to login every time.
Hopefully all of them except maybe SSO
That's not completely true. That's often the ideal way to use them (especially with integrating pre-existing applications). But they do offer (crappy) user stores in their auth0 product which can handle registration including UI.
Interesting, I guess they don't offer that for all platforms.
And they work with federal contractors. So double the reason to target them.
By now, that's been stolen from so many companies that I wonder how much new info is really being compromised compared to what's already out there. Speaking anecdotally, my spam already comes personalized. Like, even the obviously-not-from-a-partner phishy-looking stuff.
True, but I think the point here is context. What the hackers get here is the context that X recipient gets email on X address from Okta so I'd more likely than not to respond.
In my experience, Customer Support Users often have access to fuck shit up pretty good.
Chrysler login for scanning their vehicles uses okta