1Password Cyberattack Unveils Ripple Effect of Okta Security Breach
1Password Detects Suspicious Activity Following Okta's Security Incident
The attackers attempted to access the IT employee’s Okta dashboard, albeit unsuccessfully. They also made changes to an existing identity provider (IDP) connected to 1Password’s production Google environment and activated the IDP. Ultimately, they requested a report on admin users, which alerted all administrators to the suspicious activity, enabling the company to thwart a more significant security incident.