Skip to main content
close search
site logo
Dive Brief

Okta rides out cyberattack fallout with ‘minimal impact’

CEO and Co-Founder Todd McKinnon said it’s going to take some time before Okta can put the cyberattack behind it.

Published May 30, 2024
Matt Kapko's headshot
Senior Reporter
Okta office
Photo collage on a wall in an Okta office. Courtesy of Okta

Dive Brief:

  • Okta executives said the September cyberattack that exposed all of the company’s customer support system clients has yet to have a discernible impact on the identity and access management provider’s financial performance. 
  • “While it’s difficult to quantify the impact on our business,” Okta CEO and Co-Founder Todd McKinnon said Wednesday on the company’s fiscal 2025 first quarter earnings call, “our analysis continues to suggest minimal impact on our financial results.” This was the second full quarter of operations for the business since the attack occurred.
  • The identity and access management provider said it’s made meaningful progress in elevating the security of its products and internal operations, but more investment and work is required.

Dive Insight:

Okta responded to the support system breach, which followed a string of attacks against high-profile customer environments last summer, by slowing product development and making security its top priority.

The company remains buoyant despite a bruised reputation.

“We’re struggling to find quantifiable evidence that there has been an impact related to the security incident,” Okta CFO Brett Tighe said on the earnings call. “Now, granted, there’s always the potential that there are deals we’re not seeing.”

Okta’s leaders are cautious, yet optimistic performance will improve as the company works on its pledge to harden corporate infrastructure, embody secure-by-design principles across its products and champion best practices. The company also said it will invest $50 million in a fund to address external cybersecurity challenges over the next five years.

“We have already seen Okta make significant improvements to the security of their products since the recent breaches,” James Maude, director of research at BeyondTrust, said via email. “The risk is that these features are not enabled by default, only available on certain plans or only enabled on new instances.”

BeyondTrust joined Cloudflare and 1Password in coming forward early as downstream victims of the attack against Okta’s support portal.

It’s going to take some time before Okta can put the cyberattack behind it and gain more confidence in removing the potential impacts from its financial guidance, McKinnon said.

Potential fallout in the form of customer churn or slower growth could still occur, but that hasn’t yet shown up in Okta’s results. “There’s such a deep customer set and such a large amount of annual contract value, it’s hard to way the metrics with one or two quarters,” Tighe said.

Okta ended the fiscal 2025 first quarter, which ended April 30, with 19,100 customers, including 150 net new customer additions during the quarter. Total customers grew 6% from the year-ago period.

The company reported a quarterly net loss of $40 million on $617 million in revenue, which was up 19% year over year. Okta hasn’t reported a quarterly profit since it went public in April 2017.

Filed Under: Strategy

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Mystic Valley Elder Services Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell