Suspected State-Sponsored Threat Actor Hacks Cloudflare


The web security firm Cloudflare has disclosed that one of its internal systems was compromised by a threat actor using stolen credentials.

After 9 days the threat actor—thought to be state-sponsored—used credentials stolen from the October 2023 Okta hack to gain access to Cloudflare’s internal wiki and bug database, the incident was found on November 23. Because the credentials for three service accounts, an access token, and the stolen login information were not changed after the Okta incident, the attackers were able to investigate and survey Cloudflare systems. As per Cloudflare, the attackers were able to gain entry into an AWS environment, along with Atlassian Jira and Confluence.

However, they were unable to access the Cloudflare dashboard and its Okta instance due to network segmentation.

Read More: Cloudflare Hacked by Suspected State-Sponsored Threat Actor 

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.