SF SaaS Flags
Security & Compliance Automation · Risk Score 98 · Severe

Okta Lawsuits & Legal Trouble

The identity and access management standard — reliable product, eventful security history

Legal actions, regulatory complaints, and BBB filings involving Okta that we've documented from public sources.

Lawsuits & Legal Action CRITICAL Source: TechCrunch · Nov 29, 2023 Added 4d ago

2023 support system breach exposed customer HAR files and impacted 1Password, BeyondTrust, Cloudflare

In October 2023, Okta disclosed a breach of its support case management system. Threat actors accessed customer support tickets containing HAR files with session tokens. Affected customers included 1Password, BeyondTrust, and Cloudflare. Okta initially minimized the scope; later disclosures revealed all support system customers were affected.

Lawsuits & Legal Action HIGH Source: TechCrunch · Mar 22, 2022 Added 4d ago

2022 Lapsus$ breach via support vendor Sitel

In March 2022, Okta disclosed that the Lapsus$ threat actor group had accessed its internal systems via compromised credentials at support subprocessor Sitel. Okta's initial disclosure was criticized as slow and understated.

Our AI scanner searches Reddit, Trustpilot, BBB, and news sources for fresh complaints from the past year, paraphrases what it finds, and adds anything new to this page. Takes up to 90 seconds.

A note on legal complaints

Filings and BBB complaints reflect what customers and counterparties alleged — not what was proven in court. Where possible we link to the original public record so you can read the source yourself. The presence of complaints doesn't establish wrongdoing; the absence doesn't prove innocence.

If you've personally filed a complaint or know of a public action we've missed, tell us.