news

Okta cybersecurity breach wipes out more than $2 billion in market cap

The Okta website on a laptop arranged in Dobbs Ferry, New York, on Feb. 28, 2021.
Tiffany Hagler-Geard | Bloomberg | Getty Images
  • Okta shares continued to slump Monday, closing down more than 8% after the company disclosed that an unidentified hacking group had accessed client files through a support system.
  • More than $2 billion in market cap has been wiped out since the company acknowledged the hack Friday.
  • Okta makes identity management solutions and is a high-profile target for hackers, which have penetrated Okta's customers in a spate of material hacks.

Okta has shed more than $2 billion from its market valuation since the company disclosed a hack of its support systems Friday. The high-profile incident is the latest in a string of incidents that have been tied to Okta or its products, including a spate of intrusions at casinos that crippled Las Vegas hotel rooms for days.

Okta shares slumped more than 11% Friday after the company said an unidentified hacking group was able to access client files through a support system. The company did not provide more details beyond a set of technical identifiers.

The company's stock continued to fall in Monday trading, ultimately closing down 8.1%.

Okta is a lesser-known name but forms a critical part of cybersecurity systems at major corporations. The identity management company boasts more than 18,000 customers who use its products to provide a single login point for many different platforms that a given company uses. Zoom, for example, uses Okta to give "seamless" access through a single login to the company's Google Workspace, ServiceNow, VMware and Workday platforms.

Okta said it had communicated with all affected clients in Friday's announcement. At least one of those clients said it had alerted Okta about a potential breach weeks earlier.

In a separate post Friday, privately held identity management firm BeyondTrust said it had told Okta's security teams about suspicious activity in BeyondTrust's own Okta systems on Oct. 2. Okta didn't initially acknowledge the incident as a breach after BeyondTrust alerted the company, despite what BeyondTrust described as concerns that "there was a high likelihood of compromise within Okta support and that we were likely not the only customer impacted."

Okta has also been at the center of other higher-profile incidents. Earlier this year, for example, casino giants Caesars and MGM were both affected by hacks. Caesars was forced to pay millions in ransom to the hacking group, sources told CNBC. MGM had to shut down critical systems that the company acknowledged would have a material effect on its bottom line in an SEC filing.

The direct and indirect losses from those incidents totaled over $100 million. Both those attacks targeted MGM and Caesars' Okta installations, using a sophisticated social engineering attack that went through IT help desks. Three other companies were also targeted by the hacking group, an Okta executive told Reuters.

Okta has also been a target before. A hacking group purportedly accessed numerous Okta systems in a March attempt. That group, Lapsus$, has been tied to hacking attacks at Uber and Grand Theft Auto maker Rockstar Games, a subsidiary of Take-Two Interactive, according to a report from the Cybersecurity and Infrastructure Security Agency.

Okta did not immediately respond to CNBC's request for comment.

WATCH: Okta shares fall after support system breach disclosed

Don't miss these CNBC PRO stories:

Copyright CNBC
Contact Us