Beyond Trust Details
Beyond Trust
Johns Creek, GA • 1500 employees • Information Technology
Industry
Information Technology
Security Incidents
1
BeyondTrust is a cybersecurity company that specializes in Privileged Access Management (PAM), which helps organizations secure and manage special access rights to critical systems and data. They provide solutions that prevent data breaches by controlling, monitoring, and auditing privileged accounts and access. The company serves a range of industries globally, offering tools to protect against security threats while complying with regulatory requirements.
Security Incidents
Beyond Trust Breach of Oct 2023
Severity Score
Low to Moderate
Type
3rd Party CompromiseSummary
In early October 2023, BeyondTrust detected an attack on their Okta administrator account, where an attacker used a stolen session cookie from Okta's support system. The breach occurred because an Okta support agent had previously requested sensitive data from BeyondTrust for troubleshooting, which was then exploited. Although the attacker managed to create a backdoor user account using this cookie, BeyondTrust's security systems quickly identified and neutralized the threat, preventing any damage or further unauthorized access.Severity
The breach's severity was mitigated effectively by BeyondTrust's robust security measures, resulting in no actual damage to their infrastructure or exposure of customer data. Despite the potential for significant harm, as the attacker had access to create a backdoor account, rapid detection and response prevented any misuse of the compromised credentials. However, the incident highlighted vulnerabilities in Okta's support system and the risk associated with sharing sensitive session data.Impact
The breach primarily impacted BeyondTrust, specifically targeting their Okta administrator account, but was contained before affecting any of BeyondTrust's systems or customer data. While Okta confirmed a broader internal breach affecting several customers, BeyondTrust's swift response prevented any further exploitation or data compromise within their network. The event underscores the importance of vigilant security practices for all Okta users, as the support system vulnerability had the potential to affect multiple clients.KEEP YOUR ENVIRONMENT SECURE
Weak credentials are the leading cause of breaches. Beyond Identity can help.
See MFA exploits in action
Watch how adversaries exploit companies in quick videos