Okta, an identity and access management services provider, revealed that its customer support case management system was compromised, exposing sensitive customer data. The incident only affected customers with recent support cases. Okta has notified affected customers, but how the support case management system was compromised remains unclear. This comes after Okta was identified as the initial attack vector in cyberattacks on MGM Resorts and Caesars Entertainment and follows previous security breaches at Okta, including the theft of source code in 2022. Okta took over two weeks to acknowledge a breach of its support system, according to cybersecurity vendor BeyondTrust. BeyondTrust raised concerns about the breach in early October, but Okta only acknowledged it on Friday.
Amazon has quietly introduced support for passkeys, allowing users to log in using biometric authentication. However, there are limitations to Amazon’s implementation, as passkeys are not yet supported in native apps, and users still need to enter a one-time verification code if they have previously set up two-factor authentication. It is unclear if this requirement is temporary or if passkey support will be added to mobile apps. Passkey support is currently available in the U.S., U.K., France, and Germany.
According to FIDO’s recent “barometer” study, consumer awareness of passkeys has grown from 39% in 2022 to 52% awareness today.
Why do we care?
It’s always the coverup! Always. Remember that – the anger comes from the handling, not the incident. It’s a simple lesson to take from this one. For MSPs, the lesson is to have robust incident response plans that include clear guidelines for communication with affected parties.
With the jump from 39% to 52% in awareness, MSPs can leverage this increased familiarity to advocate for stronger security measures. Clients are more likely to be receptive to technologies they’ve heard of, making it easier for MSPs to implement them.
And thanks to listener Chris who tells me I was mispronouncing Okta.

