What happened

Shares of cloud-based cybersecurity company Okta (OKTA -0.10%) snapped a five-day losing streak on Monday, shooting up 8.3% through 3:10 p.m. ET.

The reason: Okta filed an official update on its findings about the well-publicized hack of its systems that was revealed last week -- and according to Okta, it's just not that big of a deal.

Arrow angles up on a green stock chart.

Image source: Getty Images.

So what

As Okta explained in an 8-K filing with the Securities and Exchange Commission (SEC), published Friday after close of trading, "there was a five-day window of time between January 16-21, 2022 when [a] cybercrime group had access to ... a computer used by a customer support engineer employed by a third-party vendor that supplies customer support services to Okta." Said cybercrime group "published a number of screenshots online that were taken from" that computer on March 21 -- which is what kicked off the current kerfuffle.

That being said, "based on the findings of [an investigation conducted by] the vendor's forensic firm" and "validated" by Okta's "own analysis," at most 2.5% of Okta's customers may have been affected by this incident, which "is not ongoing and has been remediated." The hackers were "unable to create or delete users, download customer databases, or access the Company's source code repositories [or] obtain [user] passwords."

Now what

Long story short, in Okta's opinion at least, the hack that occurred in January also ended in January -- and is not now "material" to Okta's business. Case closed.

But should it be? Even giving Okta management the benefit of the doubt, and even assuming the hack really is over and done with, and was immaterial in its effect, there's still the question of whether Okta -- a company that has never earned a profit, and that is not expected to earn a profit anytime in the foreseeable future (according to analyst forecasts) -- should really be gaining 8% today on the news that the hack wasn't as material as it might have been.

It's great that this cybersecurity company didn't get hacked as badly as feared. But it's still more than a little concerning that it got hacked at all.