This post may contain affiliate links which may compensate us based on your interaction. Please read the disclosures for more information.
Hackers accessed the email addresses and names of everyone in the Okta customer support system. Find out what this means for your online security.
What happened
Okta has notified users that the security breach it first announced last month was worse than it first thought. The company, which specializes in identity verification, initially estimated that less than 1% of customers had been affected. However, Chief Security Officer David Bradbury now says the hackers downloaded data from all Okta customer support system users.
So what
The good news is that Okta says only names and email addresses were stolen, at least for 99.6% of impacted users. The bad news is that this is information criminals can and do use to access our accounts. Okta has over 18,000 customers worldwide, and works with big companies such as Zoom, T-Mobile, and Hewlett Packard.
Okta warns the breach could put users at a higher risk of phishing or social engineering attacks. Phishing is where criminals pose as organizations you trust, often via email, to trick you into sharing sensitive information or installing malware. Social engineering is also known as “human hacking” and can involve more complex hoaxes.
Now what
Whether or not you’re an Okta customer, cyber threats are on the rise. FBI data shows that people lost almost $190 million to identity theft in 2022. Sadly, there’s a trade-off for the convenience of online banking and using a host of shopping and budgeting apps: It’s easier for criminals to find ways to hack into your accounts.
Here are some ways you can protect yourself:
Set up multi-factor authentication (MFA): MFA is the backbone of Okta’s business. It adds an extra layer of security to your login — such as getting you to enter a code as well as your password. You might use an authenticator app or get an extra code sent to your phone.Know how to recognize phishing scams: Be suspicious when companies contact you out of the blue and ask for sensitive data, whether it’s by email, text message, or a phone call. Watch out for red flags such as slightly odd sender info, emails where your address isn’t in the “to” box, and language that doesn’t feel right.Use a different password for every account: It can be hard to keep track of your password info across multiple accounts. But using an easy-to-guess password or repeating the same password to access several sites can be dangerous. Consider a password manager or come up with your own system to generate strong and unique passwords.Keep your antivirus software up to date: Security software can help protect you against malware, spyware, and viruses. It can also alert you to suspicious emails and give you some protection online. Set up automatic updates to stay ahead of the latest threats.
Many bank accounts and credit cards provide some level of protection against fraud, but it’s still important to be vigilant. The harder you can make it for cyber criminals, the better.
Alert: highest cash back card we’ve seen now has 0% intro APR until 2025
If you’re using the wrong credit or debit card, it could be costing you serious money. Our experts love this top pick, which features a 0% intro APR for 15 months, an insane cash back rate of up to 5%, and all somehow for no annual fee.
In fact, this card is so good that our experts even use it personally. Click here to read our full review for free and apply in just 2 minutes.
We’re firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers.
The Ascent does not cover all offers on the market. Editorial content from The Ascent is separate from The Motley Fool editorial content and is created by a different analyst team.The Motley Fool has a disclosure policy.