Okta employees was hit by Rightway data breach

The aftereffects of the Okta data breach continue and this time the employees are hit by it.

Okta, the leading identity and access management (IAM) provider, disclosed on November 3, 2023, that employee data had been exposed in a third-party data breach. The breach occurred at Rightway Healthcare, a vendor that provides healthcare coverage for Okta employees and their dependents.

The exposed data included names, Social Security numbers, and health or medical insurance plans. Okta stated that the breach was discovered on October 12, 2023, and that it immediately launched an investigation. The company also notified affected employees of the breach and offered them credit monitoring and identity theft protection services.

According to Okta's report to the Office of the Maine Attorney General, the breach impacted a total of 4,961 employees and the file contained the following information on current and former Okta employees and their dependents:

• Full names
• Social Security Numbers (SSNs)
• Health or Medical Insurance plan number

How did the Okta data breach happen?

The breach is believed to have occurred when a cybercriminal gained access to an Okta employee's account at Rightway Healthcare. The cybercriminal then used this access to download a file containing the employee data.

Okta is still investigating the exact cause of the breach, but it is believed that the cybercriminal may have used phishing or social engineering techniques to gain access to the employee's account.

The Okta data breach is the latest in a string of high-profile incidents that have raised concerns about the security of third-party vendors. As companies increasingly rely on third-party vendors to provide essential services, it is important to note that these vendors can also be a target for cyberattacks.

Read also: The fallout from the Okta breach continues.

What Okta is doing to respond?

Okta is taking a number of steps to respond to the data breach. The company is working with Rightway Healthcare to investigate the cause of the breach and to implement additional security measures.

Okta is also providing affected employees with credit monitoring and identity theft protection services.

What can you do?

If you are an Okta employee or dependent, there are a number of steps you can take to protect yourself from the potential consequences of the Okta data breach:

• Monitor your credit report and bank statements for any signs of fraud.
• Place a fraud alert on your credit report. This will notify lenders to contact you before opening any new accounts in your name
• Freeze your credit report. This will prevent anyone from opening new accounts in your name without your permission
• Change your passwords for all online accounts, especially those that contain sensitive information such as financial or medical data

Featured image credit: Okta.

Advertisement