---
schema_version: "secwatch.filing_event.v1"
accession: "0001193125-22-109427"
form_type: "8-K/A"
ticker: "OKTA"
cik: "0001660134"
company_name: "Okta, Inc."
filed_at: "2022-04-19T23:59:59+00:00"
generated_at: "2026-06-26T06:33:06.349911+00:00"
event_type: "cyber"
sentiment: "positive"
materiality_score: 0.65
calibrated_materiality_score: 0.65
confidence: "high"
source: SEC EDGAR
---

# Okta concludes investigation into Jan 2022 vendor compromise; impact far less than initially feared

## Summary
- Threat actor controlled a single third-party vendor workstation for 25 minutes on Jan 21, 2022.
- Accessed two active customer tenants in SuperUser app; viewed limited info in Slack and Jira.
- No successful configuration changes, MFA/password resets, or customer impersonation events.
- Threat actor could not authenticate directly to any Okta accounts.
- Company continues to consider the incident not material.

## SEC filing metadata
- accession: 0001193125-22-109427
- form_type: 8-K/A
- ticker: OKTA
- cik: 0001660134
- company_name: Okta, Inc.
- filed_at: 2022-04-19T23:59:59+00:00
- event_type: cyber
- sentiment: positive
- materiality_score: 0.65
- calibrated_materiality_score: 0.65
- confidence: high
- sec_items: 8.01, 9.01
- EDGAR index: https://www.sec.gov/Archives/edgar/data/1660134/000119312522109427/0001193125-22-109427-index.htm
- EDGAR primary document: https://www.sec.gov/Archives/edgar/data/1660134/000119312522109427/d348159d8ka.htm

## Machine-readable alternates
- HTML: https://secwatch.observer/filing/0001193125-22-109427
- JSON: https://secwatch.observer/filing/0001193125-22-109427.json
- Plain text: https://secwatch.observer/filing/0001193125-22-109427.txt

This AI-assisted summary is a reading aid. Review the linked SEC EDGAR filing before relying on any specific claim.