Canva among ~100 targets of ShinyHunters Okta identity-theft campaign

ShinyHunters has targeted around 100 organizations in its latest Okta single sign-on (SSO) credential stealing campaign, according to researchers and the criminal group itself.

In a Monday report, Silent Push researchers said the identity-theft operation set its sights on more than 100 Okta SSO accounts across "high-value enterprises." The cyber threat hunters also listed all of the companies across which they have "detected active targeting or infrastructure preparation directed at your domain" in the last 30 days.

We are not going to list all of the names - head over to the Silent Push blog to check out the organizations, which span multiple industries - but the technology and software firms include Atlassian, AppLovin, Canva, Epic Games, Genesys, HubSpot, Iron Mountain, RingCentral, and ZoomInfo.

To be clear: this doesn't mean any of these companies have been breached. "We have no intel to share on any specific attacks and are unable to ...