1Password, a widely used password management platform adopted by more than 100,000 businesses, experienced a security breach when unauthorized individuals gained entry into its Okta ID management system.
Following a comprehensive examination, the company determined that there was no unauthorized access to user data stored within 1Password.
Promptly addressing the issue, they terminated the unauthorized activity, conducted a thorough investigation, and confirmed the absence of any compromise in their data or other critical systems, whether employee-oriented or user-centric.
According to 1Password, threat actors infiltrated their Okta tenant by utilizing a pilfered session cookie belonging to an IT employee.
TPRM report: https://scoringcyber.rankiteo.com/company/1password
"id": "1pa175317124",
"linkid": "1password",
"type": "Breach",
"date": "10/2023",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Software',
'name': '1Password',
'type': 'Company'}],
'attack_vector': 'Stolen Session Cookie',
'description': '1Password experienced a security breach when unauthorized '
'individuals gained entry into its Okta ID management system.',
'impact': {'systems_affected': ['Okta ID Management System']},
'initial_access_broker': {'entry_point': 'Okta ID Management System'},
'investigation_status': 'Completed',
'post_incident_analysis': {'root_causes': ['Stolen session cookie']},
'response': {'containment_measures': ['Terminated unauthorized activity'],
'remediation_measures': ['Conducted a thorough investigation']},
'title': '1Password Security Breach',
'type': 'Security Breach',
'vulnerability_exploited': 'Session Cookie Theft'}