In October 2023, Okta Security reported unauthorized access to its support case management system due to stolen credentials, affecting several vendors, including BeyondTrust. The breach, initially detected by BeyondTrust, involved attackers using stolen cookies to impersonate users by accessing HTTP Archive (HAR) files containing sensitive session data. Approximately 170 Okta customers, including Cloudflare, BeyondTrust, and 1Password, were impacted. Okta responded by revoking session tokens and recommending enhanced security practices, such as sanitizing HAR files and implementing stringent multi-factor authentication (MFA) measures. Coralogix, unaffected by the breach, emphasized the importance of proactive security measures through its Snowbit Security Research Centre, advising customers on policy controls, session management, and the use of strong hardware MFA to prevent similar incidents.