by rawgabbit 998 days ago
The Okta blog claimed the hackers had access to the users' passwords or had already compromised the flow between Active Directory (Microsoft) & Okta and then used social engineering to reset MFA. In any case, this is a major mess. I believe we need the civilian version of login.gov sooner rather than later. The US Post Office can charge a fee every time it has to reset someone's password after they verified who they are in person.

https://sec.okta.com/articles/2023/08/cross-tenant-impersona...