"Okta Attack Leads to Cloudflare Hack: Auth Tokens Compromised"

Cloudflare's internal Atlassian server was breached by a suspected nation state attacker who gained access to its Confluence wiki, Jira bug database, and Bitbucket source code management system using stolen Okta credentials. The attackers attempted to access a console server in São Paulo, Brazil, but were unsuccessful. Cloudflare detected the breach on November 23, severed the hacker's access, and conducted extensive remediation efforts. The company assured that customer data and systems were not impacted and is continuing to work on software hardening and credential management. This incident follows a previous breach in October 2023 and a thwarted attempt in August 2022.