cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Contributor II

Cloudflare hacked using auth tokens stolen in Okta attack

Dear all,

 

Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system.

The threat actor first gained access to Cloudflare's self-hosted Atlassian server on November 14 and then accessed the company's Confluence and Jira systems following a reconnaissance stage.

 

Cloudflare hacked using auth tokens stolen in Okta attack (bleepingcomputer.com)

 

Thanksgiving 2023 security incident (cloudflare.com)

 

 

 

 

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSE | CISSP | PMP
2 Replies
Early_Adopter
Community Champion

Ooof.

I wonder if they had ensured removal of all secrets from that code repo(if not could be a really big breach).
Kyaw_Myo_Oo
Contributor II

Thanks for sharing your thoughts and view @Early_Adopter .

 

 

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSE | CISSP | PMP