# Is Nexthink affected by the Okta Support System breach?

## Question <a href="#isnexthinkaffectedbytheoktasupportsystembreach-question" id="isnexthinkaffectedbytheoktasupportsystembreach-question"></a>

Is Nexthink affected by the October 2023 Okta Support System breach?

## Answer <a href="#isnexthinkaffectedbytheoktasupportsystembreach-answer" id="isnexthinkaffectedbytheoktasupportsystembreach-answer"></a>

Nexthink is affected only to a minor degree. Nexthink uses Okta as its Identity Provider. According to Okta's update, a threat actor downloaded a report that contained Nexthink user information. Nexthink systems were not accessed or directly impacted by this breach. **There has been no Nexthink customer data exposure or breach.**

### **Background**

According to Okta, the threat actor ran and downloaded a report containing the names and email addresses of all Okta customer support system users. The report contained the following fields for each user in Okta's customer support system:

* Created Date
* Last Login
* Role: Description
* Full Name
* Username
* Phone
* Email
* Company Name
* Mobile
* User Type
* Address
* Time Zone
* \[Date of] Last Password Change or Reset
* Role: Name
* SAML Federation ID

The report does not include user passwords or sensitive personal data. The primary contact information in the report is the full name and email address of each user.

{% hint style="info" %}
The Okta Support System breach concerns only Nexthink employees' data. There has been no Nexthink customer data exposure or breach.
{% endhint %}

### **How is Nexthink protecting its products against breaches like this?**

Okta notified Nexthink of the individuals whose information was affected. There is no impact on any Nexthink customer.

Nexthink has evaluated the risks and suggestions from Okta for risk mitigation. These include:

* **Multi-Factor Authentication** – Nexthink already enforces MFA for all Nexthink employees.
* **Phishing Awareness** – Because email addresses were exposed, Nexthink is maintaining heightened vigilance around phishing attempts and their reporting.
* **Configure Authentication Policies** – Application sign-on policies for access to privileged applications, including the Admin Console, require re-authentication at every sign-in.
* **New Device and Suspicious Activity** – Turn on and test [end-user notifications](https://help.okta.com/en-us/Content/Topics/Security/Security_General.htm) for new-device sign-ins and suspicious activity.
* **Authentication Policies** – Hardening the authentication policies that apply to Nexthink administrators.

Nexthink applies a defense-in-depth strategy, layering multiple controls that together mitigate a range of threats. This includes:

* Least Privilege
* Host posture checks
* Restricted access to the management plane
* Continuous monitoring of any suspicious activity
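The "new device" notifications and the continuous monitoring of suspicious activity listed above both rest on the same kind of check over identity-provider sign-in events. The script below is an added example written for this page; it is not Nexthink's or Okta's own tooling. It reads a handful of constructed Okta System Log-style records (a simplified subset of that schema: `eventType`, `actor.alternateId`, `client.ipAddress`, `client.userAgent.rawUserAgent`, `outcome.result`, `published`), flags successful sessions from a device fingerprint not previously seen for that user, and flags bursts of failed sign-ins that would be expected from credential attempts following a contact-data leak. The baseline of known devices, the failure threshold and the time window are all assumptions chosen for the example.

```python
"""Added example: flag new-device sign-ins and failed-login bursts in
Okta System Log-style events. Illustrative only; the records below are
constructed and use a simplified subset of the real schema."""
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real log data), one JSON object per line.
SAMPLE_LOG = """\
{"published": "2023-11-01T08:00:00.000Z", "eventType": "user.session.start", "actor": {"alternateId": "alice@example.com"}, "client": {"ipAddress": "203.0.113.10", "userAgent": {"rawUserAgent": "Mozilla/5.0 (Windows NT 10.0) Chrome/118"}}, "outcome": {"result": "SUCCESS"}}
{"published": "2023-11-01T09:15:00.000Z", "eventType": "user.session.start", "actor": {"alternateId": "alice@example.com"}, "client": {"ipAddress": "198.51.100.7", "userAgent": {"rawUserAgent": "Mozilla/5.0 (Macintosh) Safari/17.0"}}, "outcome": {"result": "SUCCESS"}}
{"published": "2023-11-01T09:20:00.000Z", "eventType": "user.session.start", "actor": {"alternateId": "bob@example.com"}, "client": {"ipAddress": "198.51.100.9", "userAgent": {"rawUserAgent": "Mozilla/5.0 (X11; Linux) Firefox/119"}}, "outcome": {"result": "FAILURE"}}
{"published": "2023-11-01T09:21:00.000Z", "eventType": "user.session.start", "actor": {"alternateId": "bob@example.com"}, "client": {"ipAddress": "198.51.100.9", "userAgent": {"rawUserAgent": "Mozilla/5.0 (X11; Linux) Firefox/119"}}, "outcome": {"result": "FAILURE"}}
{"published": "2023-11-01T09:23:00.000Z", "eventType": "user.session.start", "actor": {"alternateId": "bob@example.com"}, "client": {"ipAddress": "198.51.100.9", "userAgent": {"rawUserAgent": "Mozilla/5.0 (X11; Linux) Firefox/119"}}, "outcome": {"result": "FAILURE"}}
{"published": "2023-11-01T09:24:00.000Z", "eventType": "user.session.start", "actor": {"alternateId": "bob@example.com"}, "client": {"ipAddress": "198.51.100.9", "userAgent": {"rawUserAgent": "Mozilla/5.0 (X11; Linux) Firefox/119"}}, "outcome": {"result": "SUCCESS"}}
{"published": "2023-11-01T10:00:00.000Z", "eventType": "user.session.start", "actor": {"alternateId": "carol@example.com"}, "client": {"ipAddress": "203.0.113.44", "userAgent": {"rawUserAgent": "Mozilla/5.0 (Windows NT 10.0) Edge/118"}}, "outcome": {"result": "SUCCESS"}}
"""

# Assumed baseline of device fingerprints already seen per user. A real
# deployment would build this from historical sign-ins, not hard-code it.
KNOWN_DEVICES = {
    "alice@example.com": {"Mozilla/5.0 (Windows NT 10.0) Chrome/118"},
    "carol@example.com": {"Mozilla/5.0 (Windows NT 10.0) Edge/118"},
}


def parse_events(text):
    """Parse newline-delimited JSON events and return them in time order."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    events.sort(key=lambda e: e["published"])
    return events


def _timestamp(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ")


def _fingerprint(event):
    # The raw user agent stands in for a device fingerprint in this example.
    return event.get("client", {}).get("userAgent", {}).get("rawUserAgent", "unknown")


def _is_session_start(event, result):
    return (event.get("eventType") == "user.session.start"
            and event.get("outcome", {}).get("result") == result)


def new_device_signins(events, known_devices):
    """Return successful sessions whose fingerprint is new for that user.

    Once flagged, the fingerprint is added to the user's known set so the
    same device is reported only once."""
    seen = {user: set(fps) for user, fps in known_devices.items()}
    alerts = []
    for e in events:
        if not _is_session_start(e, "SUCCESS"):
            continue
        user = e["actor"]["alternateId"]
        fp = _fingerprint(e)
        if fp not in seen.setdefault(user, set()):
            alerts.append({"user": user, "ip": e["client"]["ipAddress"],
                           "user_agent": fp, "published": e["published"]})
            seen[user].add(fp)
    return alerts


def failed_signin_bursts(events, threshold=3, window=timedelta(minutes=10)):
    """Return (user, count) for users with >= threshold failures in a window.

    Uses a sliding window over each user's sorted failure times and reports
    the first window that reaches the threshold."""
    failures = defaultdict(list)
    for e in events:
        if _is_session_start(e, "FAILURE"):
            failures[e["actor"]["alternateId"]].append(_timestamp(e["published"]))
    bursts = []
    for user, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                bursts.append((user, end - start + 1))
                break
    return bursts


def run_checks(log_text=SAMPLE_LOG, known_devices=KNOWN_DEVICES):
    """Run both checks over the sample log and return (new-device alerts, bursts)."""
    events = parse_events(log_text)
    return new_device_signins(events, known_devices), failed_signin_bursts(events)


if __name__ == "__main__":
    alerts, bursts = run_checks()
    for a in alerts:
        print(f"NEW DEVICE  {a['published']} {a['user']} from {a['ip']} ({a['user_agent']})")
    for user, count in bursts:
        print(f"FAIL BURST  {user}: {count} failed sign-ins within the window")
```

On the sample data the script reports a new device for alice (her Safari session is not in the baseline) and for bob (no baseline at all), and a burst of three failures for bob just before his successful sign-in; that combination of a failure burst followed by a success from a never-seen device is the pattern a monitoring rule would escalate for review. Tune the threshold and window to the organization's normal failure rate, and seed the baseline from real history rather than the constructed map shown here.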

**Nexthink has also achieved the ISO 27001, 27017, 27018 and 27701, and SOC 2 Type 2 certifications for the Nexthink Infinity cloud platform.**
