Okta data breach dilemma dwarfs earlier estimates
Okta has admitted that the number of customers affected by its October customer support system data breach is far greater than previously thought. Chief security officer David Bradbury originally said earlier this month that according to the company's root cause analysis, the files of just 134 Okta customers – less than 1 …
COMMENTS
Wednesday 29th November 2023 18:41 GMT aerogems
Seems like it's time to go back to the main questions of the Watergate era. What did Okta know, and when did they know it? It seems difficult to believe that they're only just now figuring all this out, and more likely they are sitting on plenty more, which they'll only reveal if they're somehow forced to. Wouldn't surprise me in the least if this latest disclosure was intended to head off any lawsuits from affected customers.
Anyway, that all said, since the place I worked at recently used Okta, it's just one more reason why I'm glad I'm not there anymore.
Thursday 30th November 2023 16:39 GMT Anonymous Coward
One of the troubling after-effects of these incidents is indeed the erosion of trust from their customers and the public at-large.
The obvious first-order cause is the incident or breach itself -- it naturally gives customers, whether directly affected or not, a reason to question the competency of the company.
But anyone who has been around tech for a while knows that failures are all but inevitable. Network, hardware, software, application, security, and so on, all suffer from the possibility. So we can understand and even commiserate to some extent.
However, the companies' handling of the crisis is another matter. Anything less than prompt full disclosure usually makes things worse, especially over the long term. How many times have we seen companies react to some problem like this progression:
"Nothing happened, business as usual."
"Something has happened, but we found it early, there was no impact."
"We have notified the very few customers who might have been impacted, nothing to worry about."
"Everyone should download the new version, restore from trusted backups, and change all passwords immediately."
Even if some companies really are working (struggling?) to discover and triage the full impact of whatever failure or breakdown or breach happened, it feels like others are just covering up instead, presumably in hopes of avoiding the financial hit -- stock price, market share, insurance claims, lawsuits etc.
Customers, industry observers, analysts, and the media question whether the company is withholding information, and if the company would have said anything at all if the breach hadn't been exposed. People extrapolate (accurately or otherwise) that the failure is worse than reported, often leading to more reputational damage to the company.
You can't defuse a bomb after it has already gone off.
Companies probably figure they can ride it out well enough if they at least create the appearance of dealing with the incident, wait for the headlines and Google search results to move on to other things, then back to business as usual. The strategy, if you can call it that, is usually effective; after all, how many customers are really prepared to make a full switch to another cloud provider, security company, hardware platform, etc.?
Wednesday 29th November 2023 20:38 GMT Anonymous Coward
Oktagone
A previous employer went full-Okta. Laptops, IT systems, mail, messaging, facilities, all cloud systems, ... everything. An Okta failure would be a disaster recovery scenario with a few people manually re-adding standard accounts, one host, one user at a time. This was weeks after a couple of minor Okta outages and an Okta hack that compromised systems.
Shareholders have no idea just how fragile their cloud investments are.
Thursday 30th November 2023 11:19 GMT spireite
For the same reason that companies have gone from on-prem to cloud, attracted by the shiny green pastures proclaiming.....
1. We're cheaper than on-prem
2. We'll manage all services for you
and the implied special promise....
3. You don't need to hire security admins/DBAs/etc....
and Bully's special prize.... (this seems apt - https://www.youtube.com/watch?v=YIOhWbLcVqg)
4. WE ARE SECURE
All of the above were to us whitebeards.... FALSE!!
I haven't seen one place I've worked at where cloud even came close to the on-prem and related costs - it literally has been magnitudes more expensive.
Everywhere I've been got rid of DBAs, Security admins, etc... then within 3 months realised they'd been sold a dummy, but already committed to a 'saver' aka 'reserved' plan of 2 years plus. At this point, they rehired the knowledge they'd lost and practically tripled the annual expense by the end of it.
Thursday 30th November 2023 10:04 GMT Omnipresent
The Usual
The crazy part is, a lot of us knew this news would come when they announced the original breach, and were waiting for the rest of the announcement. Trying to mitigate the damage by spreading out the news over as long a period of time as possible has become par for the course.
It's ALWAYS worse than you're told. The cloud has compromised everyone in a way only AI could rival.