Important Update: Community URLs redirect issues are partially resolved. Learn More. .

This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
100% helpful (5/5)

Archer Security Advisory: Okta Breach

MegONeil
Archer Employee
Archer Employee

‎2022-03-24 01:40 PM - edited ‎2024-02-02 05:54 PM

Archer Identifier

SA-4

 

Applies To

Okta Publication: https://www.okta.com/blog/2022/03/updated-okta-statement-on-lapsus/

 

Details

Archer utilizes Okta for internal corporate SSO and has been developing (but has not yet deployed) Okta use relative to its cloud-based offerings such as Archer Hosting Services, Archer SaaS, and Archer Engage.

Per the above-linked Okta Publication published on March 22, 2022, Okta has “concluded that a small percentage of customers – approximately 2.5% -- have potentially been impacted and whose data may have been viewed or acted upon. [It has] identified those customers and already reached out directly by email.” Archer has received no such communication from Okta and will continue the heightened infrastructure monitoring that was already in progress due to current world events.

March 25, 2022 Update: Archer received a communication from Okta the evening of March 24 which read, "We analyzed more than 125,000 log entries to ascertain what actions were performed by Sitel during the relevant period. Based on this analysis, we have concluded that RSA Archer was not impacted.

Next Steps

Archer will continue to monitor for the latest indicators of compromise (IOCs), including uses of Okta by Archer. This page will be updated with relevant information as Archer reasonably deems necessary. Customers of Archer cloud-based offerings who rely on their own Okta deployments are strongly encouraged to appropriately monitor their Okta implementations. Please check back regularly for more information or direct specific concerns to your Archer Account Manager and/or Archer Technical Support representative.

 

Legal Information

Read and use the information in this Archer Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this advisory, contact Archer Technical Support. Archer distributes Archer Security Advisories in order to bring to the attention of users of the affected Archer products, important security information.

Archer recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. Archer disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement.

In no event shall Archer, its affiliates or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Archer, its affiliates or its suppliers have been advised of the possibility of such damages. Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.

 

Was this article helpful? Yes No
Version history
Last update:
‎2024-02-02 05:54 PM
Updated by:
Archer Employee
Contributors