Okta Data Breach Lawsuit

Legal Representation for Victims of Data Breaches in California

The Data Breach Attorneys at Potter Handy Law Firm have the knowledge and resources to thoroughly examine your case, conduct an investigation into the breach, and, when needed, fight for justice.

Potter Handy LLP is currently reviewing cases on behalf of individuals affected by the Okta data breach. These individuals may have had their personal and confidential information illegally accessed by an unknown third party during the Okta data breach. Potter Handy LLP will conduct a complimentary assessment of your data breach claim in order to safeguard the rights and privacy of all those impacted by the Okta data breach.

We are only interested in claims that arose in California.

About Okta

Headquartered in San Francisco, California, USA, Okta operates globally, delivering services to a diverse clientele across various industries and regions. The company offers a comprehensive suite of solutions for identity and access management (IAM), covering Single Sign-On (SSO), Multi-Factor Authentication (MFA), User Lifecycle Management, API Access Management, Adaptive Authentication, and more. Renowned for extensive integration capabilities, Okta empowers organizations to seamlessly link its identity solutions with a broad spectrum of applications, services, and platforms. Providing identity management solutions for thousands of businesses, Okta enables a unified sign-on experience for employees. Okta has forged partnerships with various technology vendors, including major cloud service providers, to augment its offerings and deliver a seamless experience to customers. Serving a diverse clientele, ranging from small and medium-sized enterprises to large multinational corporations, Okta tailors its solutions to meet the specific needs of businesses in various sectors such as finance, healthcare, and technology. However, this prominence also makes it a high-profile target for hackers who may exploit vulnerabilities or misconfigurations to gain unauthorized access to a range of targets.

What Happened?

In September 2023, Rightway Health, an Okta vendor, experienced a security incident wherein files from April 2019 through 2020 were exfiltrated from its IT environment. These files contained personal information about employees and their dependents from 2019/2020. According to Rightway, the unauthorized activity occurred on September 23, 2023. Rightway notified Okta on October 12, 2023, that an unauthorized actor had gained access to an eligibility census file maintained by Rightway in its provision of services to Okta. In response to the discovery of the incident, Okta launched an investigation and reviewed the affected file to determine the extent of the impact on its current and former employees, as well as their dependents. The investigation revealed that the impacted file contained sensitive and personal information.

In its initial incident reports about the breach, Okta stated that the hackers gained unauthorized access to files within Okta’s customer support system, affecting 134 Okta customers—less than 1% of Okta’s customer base. However, in an updated statement published on November 29, 2023, Okta revealed that it had determined the intruders also stole the names and email addresses of all users in the Okta customer support system.

View an example of what the letter looks like.

If you received notification that a data breach had exposed your personal information, you should contact our highly qualified Data Breach Lawyers. These attorneys can effectively protect your legal rights and ensure that those responsible for causing the harm are held accountable.

By selecting a qualified Data Breach Lawyer in California, you can be assured that your interests are protected thoroughly during the entire case, providing you with peace of mind.

Contact us online or call our data breach intake professionals at (415) 534-1911.

What Information Was Involved in the Okta Data Breach?

The investigation has concluded that the incident may have led to unauthorized access to certain confidential information.

The types of personal information contained in the impacted eligibility census file included:

  • Name
  • Address
  • Date of birth
  • Email address
  • Medical treatment
  • Social Security Number
  • Health plan information
  • Demographic information
  • Health insurance information
  • Medical insurance plan number

All of the specific files that may have been accessed or removed could not be determined.

Protecting Consumers’ Privacy Rights Following the Okta Data Breach

If you were notified that your information had been stolen as a result of the Okta data breach, you may be entitled to compensation or other remedies.

Please call (415) 534-1911 for an appointment with Mark Potter and Jim Treglio of Potter Handy LLP in San Francisco. During this call, our intake professionals will review your claim regarding the Okta data breach. Free Consultations 24/7. No out-of-pocket expenses.