Authentication service Okta said four of its customers have been hit in a recent social-engineering campaign that allowed hackers to gain control of super administrator accounts and from there weaken or entirely remove two-factor authentication protecting accounts from unauthorized access. The Okta super administrator accounts are assigned to users with the highest permissions inside an organization using Okta’s service.
Source: Technology Lab – Ars Technica