okta
Company Details
Linkedin ID:
okta
Website:
Employees number:
3
Number of followers:
0
NAICS:
54131
Industry Type:
Homepage:
okta.com.de
IP Addresses:
0
Company ID:
OKT_8655135
Scan Status:
In-progress
okta Company CyberSecurity Posture
okta.com.de
okta ist ein Unternehmen, dass sich auf New Urbansim und Stadtforschung spezialisiert. Existierende Stadtstrukturen werden analysiert und in der Planung angewendet.
okta A.I CyberSecurity Scoring
okta Risk Score (AI oriented)Between 750 and 799
okta
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
okta Global Score (TPRM)XXXX
okta
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
okta Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Okta, Salesforce and Google: ShinyHunters claim to be behind SSO-account data theft attacks
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: ShinyHunters Gang Behind Vishing Attacks Targeting SSO Accounts at Okta, Microsoft, and Google The extortion group ShinyHunters has claimed responsibility for a series of voice phishing (vishing) attacks targeting single sign-on (SSO) accounts at Okta, Microsoft Entra, and Google, enabling threat actors to breach corporate SaaS platforms and steal data for extortion. In these attacks, cybercriminals impersonate IT support staff, calling employees and tricking them into entering credentials and multi-factor authentication (MFA) codes on phishing sites mimicking legitimate login portals. Once compromised, the attackers gain access to the victim’s SSO account, which often serves as a gateway to connected enterprise applications, including Salesforce, Microsoft 365, Google Workspace, Dropbox, Slack, and Atlassian. The phishing kits used in these attacks feature real-time control panels, allowing attackers to dynamically adjust phishing pages during calls prompting victims to approve MFA requests or enter one-time codes as needed. Okta confirmed the use of such kits in a recent report, though it declined to comment on the breaches themselves. ShinyHunters told BleepingComputer that it is behind some of the attacks, with Salesforce as its primary target, though other platforms are also exploited. The group leverages stolen employee data including phone numbers, job titles, and names from previous breaches to make social engineering calls more convincing. Recent victims listed on ShinyHunters’ Tor data leak site include SoundCloud, Betterment, and Crunchbase. While SoundCloud and Betterment had previously disclosed breaches, Crunchbase confirmed a new incident involving data exfiltration from its corporate network, though no operational disruptions occurred. The company has engaged cybersecurity experts and law enforcement. Microsoft and Google have not reported evidence of their products being abused in the campaign, with Google stating it has no indication its systems were affected. ShinyHunters disputed Okta’s attribution of a specific phishing kit, claiming its infrastructure was built in-house.
okta Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for okta
Incidents vs Architecture and Planning Industry Average (This Year)
okta has 66.67% fewer incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
okta has 28.57% fewer incidents than the average of all companies with at least one recorded incident.
Incident Types okta vs Architecture and Planning Industry Avg (This Year)
okta reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — okta (X = Date, Y = Severity)
okta cyber incidents detection timeline including parent company and subsidiaries
okta Company Subsidiaries
okta ist ein Unternehmen, dass sich auf New Urbansim und Stadtforschung spezialisiert. Existierende Stadtstrukturen werden analysiert und in der Planung angewendet.
Loading...
okta Similar Companies
CHINA STATE CONSTRUCTION (CSCEC)
China State Construction Engineering Corporation Ltd (in short: China Construction; Stock code: 601668), formally established on December 10, 2007, was co-initiated by four Fortune Global 500 enterprises: China State Construction Engineering Corp. (CSCEC), China National Petroleum Corporation (CNPC)
.png)
okta CyberSecurity News
January 22, 2026 09:43 PM
Okta SSO accounts targeted in vishing-based data theft attacks
Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks.
January 15, 2026 10:44 PM
Proofpoint secures ex-Okta’s Johann Ramchandra to head its A/NZ channel
Cybersecurity and compliance company Proofpoint has brought on former Okta senior strategic alliance manager Johann Ramchandra to lead its...
January 15, 2026 11:46 AM
Okta upgraded to Overweight at Stephens amid durable growth in cybersecurity
As previously reported, Stephens upgraded Okta (OKTA) to Overweight from Equal Weight with a price target of $120, up from $97,...
January 09, 2026 10:33 PM
Is It Time To Reassess Okta (OKTA) After Recent Cybersecurity Sentiment Shift?
If you are wondering whether Okta's share price reflects its true worth today, you are not alone. This article will help you frame that...
January 02, 2026 08:00 AM
3 Cybersecurity Stocks to Watch in 2026 as Identity and Endpoint Converge
Identity and endpoint security are converging in 2026, and its reshaping the cybersecurity sector; this article provides an outlook for...
December 22, 2025 08:00 AM
Does New SaaS and Cybersecurity Expertise on Okta's Board (OKTA) Strengthen Its AI Security Narrative?
Okta Investment Narrative Recap. To own Okta, you need to believe identity will remain central to securing cloud and AI workloads, and that an...
December 22, 2025 08:00 AM
Payroll pirates now causing havoc in more industries
They're certainly some kind of cybercrime organization or fraud organization that is doing this at scale,” says Okta Threat Intelligence VP...
December 19, 2025 08:00 AM
Okta Names Rob Bernshteyn and Paul Sagan to Board of Directors
Okta, Inc. (Nasdaq: OKTA), the leading independent identity partner, today announced the appointment of Rob Bernshteyn and Paul Sagan to the...
December 16, 2025 08:00 AM
Okta rises as Jefferies upgrades to Buy; firm lists Palo Alto, Zscaler among top picks for '26 (OKTA:NASDAQ)
Okta (OKTA) shares rose 1.5% in premarket trading on Tuesday as Jefferies upgraded the identity access management firm to Buy.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
okta CyberSecurity History Information
Official Website of okta
The official website of okta is https://http://okta.com.de.
okta’s AI-Generated Cybersecurity Score
According to Rankiteo, okta’s AI-generated cybersecurity score is 775, reflecting their Fair security posture.
How many security badges does okta’ have ?
According to Rankiteo, okta currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has okta been affected by any supply chain cyber incidents ?
According to Rankiteo, okta has been affected by a supply chain cyber incident involving okta, with the incident ID OKTSALGOO1769222214.
Does okta have SOC 2 Type 1 certification ?
According to Rankiteo, okta is not certified under SOC 2 Type 1.
Does okta have SOC 2 Type 2 certification ?
According to Rankiteo, okta does not hold a SOC 2 Type 2 certification.
Does okta comply with GDPR ?
According to Rankiteo, okta is not listed as GDPR compliant.
Does okta have PCI DSS certification ?
According to Rankiteo, okta does not currently maintain PCI DSS compliance.
Does okta comply with HIPAA ?
According to Rankiteo, okta is not compliant with HIPAA regulations.
Does okta have ISO 27001 certification ?
According to Rankiteo,okta is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of okta
okta operates primarily in the Architecture and Planning industry.
Number of Employees at okta
okta employs approximately 3 people worldwide.
Subsidiaries Owned by okta
okta presently has no subsidiaries across any sectors.
okta’s LinkedIn Followers
okta’s official LinkedIn profile has approximately 0 followers.
NAICS Classification of okta
okta is classified under the NAICS code 54131, which corresponds to Architectural Services.
okta’s Presence on Crunchbase
No, okta does not have a profile on Crunchbase.
okta’s Presence on LinkedIn
Yes, okta maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/okta.
Cybersecurity Incidents Involving okta
As of January 25, 2026, Rankiteo reports that okta has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
okta has an estimated 9,922 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at okta ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does okta detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with cybersecurity experts engaged (crunchbase), and law enforcement notified with yes (crunchbase)..
Incident Details
Can you provide details on each incident ?
Title: ShinyHunters Gang Behind Vishing Attacks Targeting SSO Accounts at Okta, Microsoft, and Google
Description: The extortion group ShinyHunters has claimed responsibility for a series of voice phishing (vishing) attacks targeting single sign-on (SSO) accounts at Okta, Microsoft Entra, and Google, enabling threat actors to breach corporate SaaS platforms and steal data for extortion. Attackers impersonate IT support staff to trick employees into entering credentials and MFA codes on phishing sites, gaining access to SSO accounts and connected enterprise applications like Salesforce, Microsoft 365, Google Workspace, Dropbox, Slack, and Atlassian.
Type: Vishing (Voice Phishing)
Attack Vector: Social Engineering (Impersonation of IT support staff), Phishing Sites
Vulnerability Exploited: Multi-factor Authentication (MFA) Bypass, Credential Theft
Threat Actor: ShinyHunters
Motivation: Extortion, Data Theft
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Vishing calls and Phishing sites.
Impact of the Incidents
What was the impact of each incident ?
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Data Compromised: Corporate data, Employee credentials, MFA codes
Systems Affected: SSO AccountsSaaS Platforms (Salesforce, Microsoft 365, Google Workspace, Dropbox, Slack, Atlassian)
Operational Impact: Data exfiltration, Unauthorized access to corporate networks
Brand Reputation Impact: Potential reputational damage due to data breaches
Identity Theft Risk: High (stolen employee and customer data)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Employee Credentials, Mfa Codes, Corporate Data and .
Which entities were affected by each incident ?
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Entity Name: SoundCloud
Entity Type: Company
Industry: Music Streaming
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Entity Name: Betterment
Entity Type: Company
Industry: Financial Services
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Entity Name: Crunchbase
Entity Type: Company
Industry: Business Information
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Entity Name: Okta
Entity Type: Company
Industry: Identity and Access Management
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Entity Name: Microsoft
Entity Type: Company
Industry: Technology
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Entity Name: Google
Entity Type: Company
Industry: Technology
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Third Party Assistance: Cybersecurity experts engaged (Crunchbase)
Law Enforcement Notified: Yes (Crunchbase)
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Cybersecurity experts engaged (Crunchbase).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Type of Data Compromised: Employee credentials, Mfa codes, Corporate data
Sensitivity of Data: High (Personally Identifiable Information, Corporate Data)
Data Exfiltration: Yes
Personally Identifiable Information: Employee data (phone numbers, job titles, names)
References
Where can I find more information about each incident ?
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Source: BleepingComputer
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Source: Okta Report
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Source: Crunchbase Statement
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: BleepingComputer, and Source: Okta Report, and Source: Crunchbase Statement.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Investigation Status: Ongoing
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Entry Point: Vishing calls, Phishing sites
High Value Targets: Salesforce, Microsoft 365, Google Workspace,
Data Sold on Dark Web: Salesforce, Microsoft 365, Google Workspace,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Vishing (Voice Phishing) OKTSALGOO1769222214
Root Causes: Social engineering, MFA bypass, Credential theft
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cybersecurity experts engaged (Crunchbase).
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an ShinyHunters.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Corporate data, Employee credentials and MFA codes.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident were SSO AccountsSaaS Platforms (Salesforce, Microsoft 365, Google Workspace, Dropbox, Slack, Atlassian).
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Cybersecurity experts engaged (Crunchbase).
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Corporate data, Employee credentials and MFA codes.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Crunchbase Statement, BleepingComputer and Okta Report.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Vishing calls and Phishing sites.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=okta' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
