eric_capuano, (edited ) Shame on you, @arstechnica ... You clearly worded the title of this clickbait article to make it seem as if Okta was breached again, when in fact that isn't true at all here.
The BS title: "Okta hit by another breach, this one stealing employee data from 3rd-party vendor"
Titling it "Okta hit by another breach..." is misleading, when the reality is Rightway was the one "hit by a breach"... Okta was indirectly impacted by the breach, and in a way that affects nobody but their employees.
You knew this wasn't appropriate wording for the title, but you chose to capitalize on current events for clicks.
Okta wasn't even the only Rightway customer affected by the breach, so where's your article for every other company "hit by a breach" they had nothing to do with?
Throwing shade, you wrote:
Okta learned of the compromise and data theft on October 12 and didn’t disclose it until Thursday, exactly three weeks later.
This 3rd party breach only affected Okta employees -- who else do they owe a disclosure to? This only affects them! IMHO, the only one that owes anyone a disclosure here is Rightway.I am as big a critic of Okta's breach history as anyone, but needlessly kicking them while they're down feels unethical. Do better.
Edited: to reflect the entire title, which is only 50% clickbait BS.
https://arstechnica.com/security/2023/11/okta-hit-by-another-breach-this-one-stealing-employee-data-from-3rd-party-vendor/ #okta #OktaHack
Add comment