Okta Inc. has discovered that hackers who breached its network two months ago stole information on all users of its customer support system — a scope far greater than the 1% of customers the company had previously said were affected.
Yeah, they handle SSO between platforms. Not the registrations though.
They just handle the SSO part, if you have three systems connected, you need to sync the users between them on your own, then they can log them in to all three .
That's not completely true. That's often the ideal way to use them (especially with integrating pre-existing applications). But they do offer (crappy) user stores in their auth0 product which can handle registration including UI.
By now, that's been stolen from so many companies that I wonder how much new info is really being compromised compared to what's already out there. Speaking anecdotally, my spam already comes personalized. Like, even the obviously-not-from-a-partner phishy-looking stuff.
True, but I think the point here is context. What the hackers get here is the context that X recipient gets email on X address from Okta so I'd more likely than not to respond.