Beyond Trust Details

    Organization Logo

    Beyond Trust

    Johns Creek, GA1500 employees • Information Technology

    Industry

    Information Technology

    Security Incidents

    1

    BeyondTrust is a cybersecurity company that specializes in Privileged Access Management (PAM), which helps organizations secure and manage special access rights to critical systems and data. They provide solutions that prevent data breaches by controlling, monitoring, and auditing privileged accounts and access. The company serves a range of industries globally, offering tools to protect against security threats while complying with regulatory requirements.

    Security Incidents

    Beyond Trust Breach of Oct 2023
    Severity Score
    Low to Moderate

    Type

    3rd Party Compromise

    Summary

    In early October 2023, BeyondTrust detected an attack on their Okta administrator account, where an attacker used a stolen session cookie from Okta's support system. The breach occurred because an Okta support agent had previously requested sensitive data from BeyondTrust for troubleshooting, which was then exploited. Although the attacker managed to create a backdoor user account using this cookie, BeyondTrust's security systems quickly identified and neutralized the threat, preventing any damage or further unauthorized access.

    Severity

    The breach's severity was mitigated effectively by BeyondTrust's robust security measures, resulting in no actual damage to their infrastructure or exposure of customer data. Despite the potential for significant harm, as the attacker had access to create a backdoor account, rapid detection and response prevented any misuse of the compromised credentials. However, the incident highlighted vulnerabilities in Okta's support system and the risk associated with sharing sensitive session data.

    Impact

    The breach primarily impacted BeyondTrust, specifically targeting their Okta administrator account, but was contained before affecting any of BeyondTrust's systems or customer data. While Okta confirmed a broader internal breach affecting several customers, BeyondTrust's swift response prevented any further exploitation or data compromise within their network. The event underscores the importance of vigilant security practices for all Okta users, as the support system vulnerability had the potential to affect multiple clients.

    KEEP YOUR ENVIRONMENT SECURE

    Weak credentials are the leading cause of breaches. Beyond Identity can help.

    See MFA exploits in action
    Watch how adversaries exploit companies in quick videos