Cloudflare incident following Okta breach

Type

Incident

Actors

Pub. date

February 1, 2024

Initial access

Supply chain vector

Impact

Data exfiltration

Observed techniques

Jira ScriptRunner abuse Create new application user

Observed tools

Targeted technologies

Confluence Server Jira Server BitBucket Server Smartsheet

References

https://blog.cloudflare.com/thanksgiving-2023-security-incidenthttps://blog.cloudflare.com/how-cloudflare-mitigated-yet-another-okta-compromise

Status

Stub

Last edited

Jun 2, 2024 8:02 AM

On November 23, 2023, Cloudflare detected activity in their network related to the Okta support system supply chain attack.