Okta says source code for Workforce Identity Cloud service was copied
Single sign-on provider Okta said on Wednesday that software code for its Okta Workforce Identity Cloud service was copied after intruders gained access to the company’s private repository on GitHub.
“Our investigation concluded that there was no unauthorized access to the Okta service, and no unauthorized access to customer data,” company officials said in a statement. “Okta does not rely on the confidentiality of its source code for the security of its services. The Okta service remains fully operational and secure.”
The statement said that copied source code pertains only to the Okta Workforce Identity Cloud and doesn’t pertain to any Auth0 products used with the company’s Customer Identity Cloud. Officials also said that upon learning of the breach, Okta placed temporary restrictions on access to the company’s GitHub repositories and suspended GitHub integrations with third-party apps.