Technology Rises

  Attackers compromised customer support files containing cookies and session tokens, which could result in malicious impersonation of valid Okta users. Okta, an identity and access management services provider, disclosed that its customer support case management system was recently compromised, exposing sensitive customer data including cookies and session tokens. Attackers could potentially use the information to impersonate valid users contacting support. The customer support case management system is separate from the Okta service itself and the incident only impacted customers with recent support cases, the company's  Chief Security Officer David Bradbury  stressed in a blog post  on Oct. 20.  Impacted customers have been notified, he said. " Okta has worked with impacted customers to investigate, and has taken measures to protect our customers, including the revocation of embedded session tokens," Bradbury added. In its blog post, Okta listed IP addresses ...