They still dont seem to get it
Okta was at an event I attended on Friday, and the stock response of there is nothing to see here is all they'd come out with.
They don't seem to realise, the issue is not that they had an incident, it's how they knew about it for 2 months and didn't tell anyone. we would have been fine with "we have identified an issue at one of our sub-processors that may affect a limited number of our customers and we are investigating"
followed by
"the issue existed for 4 days from 10th Jan to 24th Jan, at our outsource customer service partner Sitel (Sykes) and may have affected up to 366 customers, we will update you when we receive the full report from our DFIR Partner <name>, and are informing the customers who may have been affected"
then
"here is the full report"
that would have maintained the trust with their customers, that their business is supposed to be built upon.