AutoRABIT’s Response to the Okta Support System Breach
On the 21st of October 2023, a breach in Okta’s support system exposed customer data to unidentified threat actors.
Has AutoRABIT Been Impacted?
While AutoRABIT does use OKTA, a thorough review of AutoRABIT’s environment found no evidence that AutoRABIT is impacted by this security issue.
Actions Taken as Part of Our Defense Strategy
- Okta is deployed in a controlled environment solely for testing within non-production systems.
- AutoRABIT has not initiated or uploaded any HAR file to the Okta portal, which is the mechanism for OKTA to be breached.
- AutoRABIT has implemented continuous monitoring and conducts audits of the entire infrastructure.
- There has been no indication of suspicious login activity associated with Okta within AutoRABIT.
- Default deny access is in place for specific regions and users.
- Token expiration timelines are in place.
- Managed devices are subject to an Access Policy.
