# Is Nexthink affected by the Okta breach?

## Question <a href="#isnexthinkaffectedbytheoktabreach-question" id="isnexthinkaffectedbytheoktabreach-question"></a>

Is Nexthink affected by the recent Okta breach?

## Answer <a href="#isnexthinkaffectedbytheoktabreach-answer" id="isnexthinkaffectedbytheoktabreach-answer"></a>

**No, Nexthink is not impacted.** Nexthink has received formal confirmation from Okta that it has not been identified as part of the potentially affected customers. While Nexthink relies on Okta for corporate accounts and API management, additional authentication factors are enforced based on third-party technologies, along with posture checks that are required for production environment access.

There is no impact on the Nexthink production cloud environment. Nexthink security team is actively reviewing internal logs and has not detected any abnormal activity.

Nexthink will continue to monitor the situation and provide further updates as they become available.

### **Background**

On 22 March 2022, authentication provider Okta confirmed an attempted compromise of an account related to a third-party customer support engineer, who had been working for one of their sub-processors. The statement from Okta showed several screenshots that had been posted by the Lapsus$ cyber extortion group, which has risen in prominence in recent months. Lapsus$ has targeted several enterprise technology companies, breaching significant amounts of data and posting it on their dedicated Telegram data leak channel.

### **How is Nexthink protecting its products against breaches like this?**

Nexthink applies an in-depth defense strategy, in which multiple controls are thoughtfully layered providing together mitigation against a wide variety of threats. This includes:

* Multifactor authentication
* Host posture checks
* Restricted access to the management plane
* Continuous monitoring of any suspicious activity

**Nexthink has also achieved the ISO 27001, 27017 and 27018 and SOC 2 Type I certifications for the Nexthink Experience cloud platform.**


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nexthink.com/platform/security/security-bulletins/is-nexthink-affected-by-the-okta-breach_.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.