Okta, Inc.

Okta, Inc. (formerly SaaSure Inc.) is an American identity and access management company based in San Francisco.^[2] It provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services, and devices.^[3] It was founded in 2009 and had its initial public offering in 2017, reaching a valuation of over $6 billion.

Okta, Inc.

Logo since 2022
Headquarters at 100 First Plaza in San Francisco
Formerly	Saasure Inc. (2009–2010)
Company type	Public
Traded as	Nasdaq: OKTA (Class A) Russell 1000 component
Industry	Software
Founded	January 2009; 15 years ago (2009-01)
Founders	Todd McKinnon Frederic Kerrest
Headquarters	100 First Plaza San Francisco, California, U.S.
Area served	Worldwide
Key people	Todd McKinnon (CEO) Frederic Kerrest (COO)
Products	Single Sign-On
Revenue	US$2.26 billion (2024)
Operating income	US$−516 million (2024)
Net income	US$−355 million (2024)
Total assets	US$8.99 billion (2024)
Total equity	US$5.89 billion (2024)
Number of employees	5,908 (2024)
Website	okta.com
Footnotes / references Financials as of January 31, 2024[update].[1]

Products and services

Okta sells six services, including a single-sign-on service that allows users to log into a variety of systems using a single centralized process. For example, the company claims the ability to log into Gmail, Workday, Salesforce and Slack with one login.^[4][5] It also offers API authentication services.^[6]

Okta's services are built on the Amazon Web Services cloud.^[7]

Okta primarily targets enterprise businesses. Claimed customers as of 2020 include Zoominfo, JetBlue, Nordstrom, MGM Resorts International, and the U.S. Department of Justice.^[8]

Okta runs an annual “Oktane” user conference, which in 2018 featured former US President Barack Obama as a keynote speaker.^[9][10][11]

History

Logo until 2022

Okta was co-founded in 2009 by Todd McKinnon and Frederic Kerrest, who previously worked together at Salesforce.^[12]

In 2015, the company raised US $75 million in venture capital from Andreessen Horowitz, Greylock Partners, and Sequoia Capital, at a total initial valuation of US$1.2 billion.^[13]

In 2017, Okta's initial public offering priced at $17.00 per share, trading up on its first day, to raise an additional US$187 million.^[14][15] At the time of its IPO, Sequoia Capital was the biggest shareholder, with a 21.2 percent stake.^[16]

In January 2019, Okta's CEO announced that the company has over 100 million registered users.^[17]

In August 2020, Okta announced that it plans to let most of its employees work remotely on a permanent basis as a result of the COVID-19 pandemic.^[18]

In March 2021, Okta signed a definitive agreement to acquire Auth0 for $6.5 billion.^[19] The deal closed in May 2021.^[20] In August 2021, Okta acquired atSpoke for $90 million.^[21] In December 2023, Okta acquired security firm Spera for approximately $100–130 million.^[22]

Security incidents

On March 9, 2021, hacking collective "Advanced Persistent Threat 69420" breached an Okta office network through a security failure in the company's Verkada camera setup.^[23] They were able to download security footage from the cameras.^[24] One member of the group, Maia Arson Crimew, also revealed that the group had gained root shell access to the network.^[25] In a blog post the next-day, Okta Chief Security Officer David Bradbury minimized the root shell as an "internal support tool" of the camera manufacturer Verkada.^[24] However, the shell would have given the hackers full access to execute any commands on the network, and Cloudflare admitted that a similar hack by the group on that company's network provided them with the same level of access.^[26] Bradbury also said that the threat was contained to an isolated network.

On March 22, 2022, the hacking group LAPSUS$ posted screenshots claiming to be from Okta internal systems.^[27] The next day, Okta concluded that a maximum of 366 of their customers data may potentially have been impacted, further stating that the breach originated with a computer used by one of Okta's third-party customer support engineers to which the hackers had access.^[28]

In December 2022, Okta's source code was stolen when a hacker gained access to their GitHub repository.^[29]

In early October 2023, Okta was notified of a breach resulting in hackers stealing HTTP access tokens from Okta's support platform by BeyondTrust. Okta denied the incident for a number of weeks, but later recognized that a breach had occurred.^[30] Customers impacted by the Okta breach included Caesars Entertainment, MGM Resorts International, 1Password and Cloudflare.^[31][32][33] On November 29th, 2023, it was known that the security incident affected all Okta customers.^[34][35]

References

1. "Okta Form 10-K for the fiscal year ended January 31, 2024". March 1, 2024.
2. Rivas, Teresa (December 6, 2017). "Okta CEO Is Feeling Optimistic. Looks Like Investors Are Too". Barron's. Retrieved April 8, 2018.
3. Bridgwater, Adrian (May 23, 2018). "Okta Insists Identity 'Goes Beyond' Passwords". Forbes. Retrieved March 6, 2019.
4. Ray, Tiernan. "Okta CEO: 'We Exist Because It's a Heterogenous World'". Retrieved 2018-04-08.
5. Ray, Tiernan. "Okta: A Bigger Deal Than Oracle Someday?". Retrieved 2018-04-08.
6. "Okta Wants To Go Big And Go It Alone in Enterprise Software". Fortune. Retrieved 2018-04-08.
7. "This Enterprise Software Unicorn Just Filed to Go Public". Fortune. Retrieved 2018-04-08.
8. "Okta Identity Cloud Securely Connects JetBlue to its Customers". Venturebeat. 2018-03-07. Retrieved 2019-06-26.
9. Bridgwater, Adrian. "Inside Privacy: Okta CEO Takes Hardcore Line On Identity Management". Forbes. Retrieved 2018-04-08.
10. Bort, Julie. "I followed the CEO of $6 billion Okta around and learned the secrets of a tech conference that landed President Obama as a speaker". BusinessInsider. Retrieved 2019-06-26.
11. Thadani, Trisha. "Barack Obama is speaking at a tech conference, but not one you'd expect". SFChronicle. Retrieved 2019-06-26.
12. "Okta CEO McKinnon on the Tech IPO Landscape and Data Security". Retrieved 2018-04-08.
13. Ovide, Shira (2015-09-08). "Okta Raises $75 Million, Boosting Valuation to Nearly $1.2 Billion". WSJ. Retrieved 2018-04-08.
14. "Okta shares soar nearly 39 percent in first day of trading". www.bizjournals.com. Retrieved 2018-04-08.
15. Balakrishnan, Anita (2017-04-07). "Okta skyrockets more than 38% after IPO". CNBC. Retrieved 2018-04-08.
16. "Okta shares soar nearly 39 percent in first day of trading". www.bizjournals.com. Retrieved 2018-04-08.
17. Gurdus, Elizabeth (2019-01-24). "Okta CEO: We now have over 100 million registered users". www.cnbc.com. Retrieved 2019-01-25.
18. Brian Fung (27 August 2020). "Software company Okta will let most of its 2,600 employees work remotely permanently". CNN. Retrieved 2020-09-15.
19. Dignan, Larry. "Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud". ZDNet. Retrieved 2021-03-09.
20. "Okta's Auth0 deal closes: Inside the 8-year, $6.5 billion courtship". Fortune. May 3, 2021. Archived from the original on 4 May 2021. Retrieved 23 June 2022.
21. Novinson, Michael. "Okta Quietly Buys Startup atSpoke to Fuel Identity Governance | CRN". www.crn.com. Retrieved 2024-07-16.
22. "Okta snatches up security firm Spera, reportedly for over $100M". TechCrunch. 2023-12-19. Retrieved 2023-12-19.
23. Turton, William (2021-03-09). "Hackers Breach Thousands of Security Cameras, Exposing Tesla, Jails, Hospitals". Bloomberg. Retrieved 2021-03-10.
24. Bradbury, David (2021-03-10). "A CSO's perspective on the recent Verkada cyber attack". Okta Security. Archived from the original on 2021-03-17. Retrieved 2021-03-16.
25. Paresh, Dave (2021-03-10). "Tesla says Shanghai factory not hacked after breach of Verkada surveillance cameras". Reuters. Retrieved 2021-03-17.
26. Graham-Cumming, John (2021-03-10). "About the March 8 & 9, 2021 Verkada camera hack". The Cloudflare Blog. Archived from the original on 2021-03-10. Retrieved 2021-03-17.
27. "Authentication firm Okta probes report of digital breach". CNN. Retrieved 22 March 2022.
28. Camacho, Antonio Ruiz (2022-03-23). "Okta Says Hundreds of Customers May Have Been Exposed by January Breach". CNET.
29. "Okta had another security incident, this time involving stolen source code".
30. "Hackers Stole Access Tokens from Okta's Support Unit". krebsonsecurity.
31. Goswami, Rohan (2023-10-23). "Okta cybersecurity breach wipes out more than $2 billion in market cap". CNBC.
32. Zaman, Sourov (2023-10-20). "How Cloudflare mitigated yet another Okta compromise". The Cloudflare Blog. Archived from the original on 2023-10-24. Retrieved 2023-10-25.
33. GREIG, JONATHAN (2023-10-24). "How 1Password, Cloudflare affected by Okta compromise". Retrieved 2023-10-25.
34. Identity management company Okta reveals far more extensive hack of its systems
35. Okta admits hackers accessed data on all customers during recent breach

External links

• Official website
• Business data for Okta, Inc.:
  • Google
  • SEC filings
  • Yahoo!