Updated on 2022-09-29
A security incident at Auth0 allegedly led to attackers stealing some code repositories from 2020 and earlier. However, no customer data has been impacted, said the authentication service provider. Read more: Auth0 warns that some source code repos may have been stolen
Overview
Authentication and authorization platform Auth0 disclosed a security incident on Monday, revealing that a threat actor gained access to older Auth0 code repositories dating before October 2020. Auth0, who is now owned by Okta, said the threat actor did not gain access to any customer information. Read more: Auth0 Code Repository Archives From 2020 and Earlier
We immediately launched a thorough internal investigation and enlisted the services of a leading third-party cybersecurity forensics firm. Both investigations, recently concluded, confirmed that there was no evidence of unauthorized access to our environments, or those of our customers, nor any evidence of any data exfiltration or persistent access.
