Security incidents

On March 9, 2021, hacking collective "Advanced Persistent Threat 69420" breached an Okta office network through a security failure in the company's Verkada camera setup. They were able to download security footage from the cameras. One member of the group, Maia Arson Crimew, also revealed that the group had gained root shell access to the network. In a blog post the next-day, Okta Chief Security Officer David Bradbury minimized the root shell as an "internal support tool" of the camera manufacturer Verkada. However, the shell would have given the hackers full access to execute any commands on the network, and Cloudflare admitted that a similiar hack by the group on that company's network provided them with the same level of access. Bradbury also said that the threat was contained to an isolated network.

On March 22, 2022, the hacking group LAPSUS$ posted screenshots claiming to be from Okta internal systems. The next day, Okta concluded that a maximum of 366 of their customers data may potentially have been impacted, further stating that the breach originated with a computer used by one of Okta's third-party customer support engineers to which the hackers had access.

In December 2022, Okta's source code was stolen when a hacker gained access to their GitHub repository.

In early October 2023, Okta was notified of a breach resulting in hackers stealing HTTP access tokens from Okta's support platform by BeyondTrust. Okta denied the incident for a number of weeks, but later recognized that a breach had occurred. Customers impacted by the Okta breach included Caesars Entertainment, MGM Resorts International, 1Password and Cloudflare. On November 29th, 2023, it was known that the security incident affected all Okta customers.​