Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I know govt. contractors use Okta for authentication. Since names and emails were taken, I expect more targeted phishing attacks as a result of this. Fortunate it wasn’t sensitive data (hopefully.)


Gov orgs usually would use a FedRamp tenant and those weren’t impacted (apparently, my trust in Okta right now isn’t high)


Okta is rated as FedRAMP High...seems like their rating means fuck all imo.


A fedramp high accreditation means you at least have your shit together.

Not easy to fake that one. I guess you could have a shitty coalfire assesor


Having been involved in both sides of other certifications before (not FedRAMP specifically though) my level of trust in them is through the floor. So much meaningless box ticking & not much actual substance.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: