1Password

1Password

1Password, a widely used password management platform adopted by more than 100,000 businesses, experienced a security breach when unauthorized individuals gained entry into its Okta ID management system.

Following a comprehensive examination, the company determined that there was no unauthorized access to user data stored within 1Password.

Promptly addressing the issue, they terminated the unauthorized activity, conducted a thorough investigation, and confirmed the absence of any compromise in their data or other critical systems, whether employee-oriented or user-centric.

According to 1Password, threat actors infiltrated their Okta tenant by utilizing a pilfered session cookie belonging to an IT employee.

Source: https://www.google.com/url?q=https://www.bleepingcomputer.com/news/security/1password-discloses-security-incident-linked-to-okta-breach/%23google_vignette&sa=D&source=editors&ust=1705497796825183&usg=AOvVaw3IZfMxbwVQFlCwW8kJxy7H

TPRM report: https://scoringcyber.rankiteo.com/company/1password

"id": "1pa175317124",
"linkid": "1password",
"type": "Breach",
"date": "10/2023",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Software',
                        'name': '1Password',
                        'type': 'Company'}],
 'attack_vector': 'Stolen Session Cookie',
 'description': '1Password experienced a security breach when unauthorized '
                'individuals gained entry into its Okta ID management system.',
 'impact': {'systems_affected': ['Okta ID Management System']},
 'initial_access_broker': {'entry_point': 'Okta ID Management System'},
 'investigation_status': 'Completed',
 'post_incident_analysis': {'root_causes': ['Stolen session cookie']},
 'response': {'containment_measures': ['Terminated unauthorized activity'],
              'remediation_measures': ['Conducted a thorough investigation']},
 'title': '1Password Security Breach',
 'type': 'Security Breach',
 'vulnerability_exploited': 'Session Cookie Theft'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.