Along with 1Password, Okta said that identity management company BeyondTrust and web security firm Cloudflare were targeted, along with two unnamed customers. Cloudflare has had its ownThe Okta attackers made off with HTTP Archive files that contain cached web session data and cookies that can be used to impersonate valid users, which appears to be what the attackers attempted to do.
"Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop," Okta chief security officer David Bradbury wrote Friday."The most likely avenue for exposure of this credential is the compromise of the employee's personal Google account or personal device.
"Rest assured, you will not incur any fees, penalties or negative credit reporting related to late payments as we work to fix this issue," Mr. Cooper said.didn't directly answer that question."At this time, we believe this cybersecurity incident was isolated to Mr. Cooper systems and technology and did not affect any of the company's clients' or partners' systems or technology," a Mr. Cooper spokesperson told us.