Skip to main content
  1. Home
  2. Computing
  3. News

Hackers targeted 1Password after Okta breach, but your logins are safe

By
Add as a preferred source on Google

Security credentials like usernames and passwords are a tempting target for hackers, and even the best password managers can come under threat from time to time. That was the case recently with the popular password manager 1Password, which recently disclosed (via Bleeping Computer) that its Okta support system was breached by malicious hackers.

Fortunately, it doesn’t appear that any customer data was stolen, so if you use 1Password, your login info should be safe for now. However, it’s always good to regularly update your passwords (or use passkeys) just in case they fall into the wrong hands.

A dark mystery hand typing on a laptop computer at night.
Andrew Brookes / Getty Images

In a blog post on its website, 1Password explained the situation. “We detected suspicious activity on our Okta instance related to their Support System incident,” 1Password said. “After a thorough investigation, we concluded that no 1Password user data was accessed.”

Recommended Videos

After detecting suspicious activity on September 29, 1Password “immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing.”

The Okta connection

A person using 1Password on a desktop all-in-one computer while sat at a desk. There are two laptops next to them on the desk.
1Password / AgileBits

The link with Okta is interesting because it reveals a key vulnerability. Okta helps companies manage their users and ensure everyone can log in securely, and it also offers support for this process. As part of that, customers sometimes upload file archives to help diagnose problems, but these archives can contain sensitive data like session tokens and login data.

According to a detailed report from 1Password, a hacker stole a session cookie from a 1Password IT employee, then attempted to access the worker’s dashboard and request a list of admin users. Fortunately, the former action was blocked by Okta, while the second led to an automated email being sent to other 1Password admins, which alerted them to the breach.

While your login info is safe — no user data appears to have been accessed by the hacker — it shows just how easily seemingly secure systems can be breached by bad actors. In response to the incident, 1Password says it has reduced the number of “super admin” users, implemented tighter login rules for admins, and taken other measures.

Despite this episode, you should still pick one of the best password managers to keep your login data safe. After all, using an app to create and store unique passwords for you is far safer than using the same easily guessable login info for every account.

Alex Blake
Alex Blake
Computing Writer
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Topics
Windows 11 is getting a new Screen Tint mode, and your eyes might thank Microsoft
Users can apply custom color overlays to reduce screen intensity and visual fatigue.
Windows 11 on a laptop

Microsoft is testing a new accessibility feature for Windows 11 called Screen Tint, and it could be one of those small additions that make a surprisingly big difference. Instead of changing your display's color temperature like Night Light, Screen Tint applies a customizable color overlay across the entire screen, making bright displays easier on the eyes during long work or gaming sessions.

A softer screen for tired eyes

Read more
Apple’s looking at a politically radioactive fix for the memory crisis, and the US government isn’t happy about it
Apple blamed memory costs for your price hike. Its proposed solution involves a Pentagon blacklist.
Apple Mac Mini on a Desk

A few days ago, Apple announced an ugly mid-cycle price hike, blaming the worsening-by-the-day memory crisis. According to the Financial Times, the company is now lobbying the government for approval to buy memory chips from a Chinese company. 

The company in question is CXMT, a Chinese chipmaker that the Pentagon added to its Chinese Military Company blacklist for alleged ties to the Chinese army.

Read more
As iPads get pricier, Motorola’s Pad 70 Pro arrives as a solid option… just not for US buyers yet
Great specs, a stylus in the box, and no US launch date: the Moto Pad 70 Pro sounds both impressive and disappointing.
Computer, Electronics, Laptop

If you don’t know about Apple’s recent price hike, which affected all the products in its lineup except the iPhone and Apple Watch (for now), you’ve got to be living under some sort of a rock. The revision made all the iPads much more expensive. 

Motorola, however, has just launched a 13-inch tablet that actually sounds good on paper. It’s called the Moto Pad 70 Pro, and it costs around $440 for the baseline model. The catch, however, is that the device isn’t available in the US yet. 

Read more