Company:
Date Published:
Author: Kale Bogdanovs
Word count: 950
Language: English
Hacker News points: None

Summary

Okta recently announced that unknown attackers had compromised their customer case management system, using stolen credentials to access HAR (HTTP archive) files shared with customers for troubleshooting single sign-on issues. The breach highlights the risks of relying on third-party providers and the importance of protecting sensitive data. Organizations can take steps to protect themselves by never sharing unsanitized HAR files, protecting all systems that touch customer data, including SaaS and customer support apps, and prioritizing identity security with an "assume breach" mentality. This includes implementing least privilege access controls to prevent catastrophic breaches. A solution like Veza's next-gen Identity and Access Governance (IGA) can help organizations achieve these goals by providing visibility into permissions, monitoring for excess privilege, and enabling intelligent access reviews.