Okta (OKTA 1.47%) stock took a hit last week after the cloud-based identity-as-a-service provider was implicated in a security breach.
The hacking group Lapsus$ accessed the computer of one of Okta's third-party customer support engineers over a five-day period in January and published screenshots of the incident last week.
Okta said it had not made the January breach public until last week because it was waiting for an investigation to finish. In a statement, Okta Chief Security Officer David Bradbury called the incident "embarrassing" and said he was "greatly disappointed" by the length of time between the company's notification to the third-party support company Sitel and the completion of a full investigative report.
Image source: Getty Images.
The stock fell sharply last week as news came out about the breach, with Okta shares closing the week down 21%.
The sell-off is understandable. After all, Okta is a security company with more than 15,000 companies trusting it to keep the logins, passwords, and access to their websites secure. Okta said that potentially 366 of its customers, or 2.5%, could have been affected by the hack, though the engineer's access did not include things like creating new users or downloading customers' databases. Okta said that the support engineers could reset passwords and multi-factor authentication settings. There is a reputational risk for the company as a security provider, and it's unclear what fallout there will be from the event.
Okta said in an 8-K filing on Monday that it doesn't consider the event to be material, meaning it won't have a meaningful impact on its performance. It also said the service is fully operational and customers don't need to do anything in response to the event.
At least one customer slammed Okta in the wake of the breach, however. Amit Yoran, CEO of cybersecurity company Tenable, criticized Okta in a LinkedIn post, saying, "I am disappointed that we know almost nothing. And it appears that what little we do know was basically forced out of Okta. Trust requires transparency. It doesn't feel that we're getting that."
Why it could be a buying opportunity
Okta stock closed on Friday at $138 a share, down 50% from its peak in November, its lowest price since the pandemic started. On a price-to-sales basis, the stock now trades at 17, its lowest P/S ratio since 2018.
Valuation alone isn't a reason to buy the stock, but prior to the news of the Lapsus$ breach, Okta had been executing flawlessly, growing briskly following its acquisition of Auth0 last year, with strong performance across its key metrics. The stock was arguably trading at a discount before the hack.
But the real reason why the Lapsus$ event could be a buying opportunity is that Okta faces relatively little direct competition in cloud identity software, which includes tools that allow corporate employees and customers to seamlessly log in and access multiple apps through one login.
Okta dwarfs other pure-play identity companies like Ping Identity and One Identity, and it was ranked No. 1 by Gartner in the category of access management. The company is also tackling mostly green space in what it now values as an $80 billion addressable market, competing in workforce identity access and customer identity access.
In an interview with The Motley Fool earlier this month, Okta COO Freddy Kerrest said that in customer identity access, Okta was mostly competing with build-your-own alternatives. Most companies prefer to outsource the work of nuts-and-bolts software functions like identity access management, and Okta should be able to continue to win business from DIY alternatives, especially as companies tend to want to outsource this as they grow. Additionally, demand for developers already outstrips supply, and most companies prefer to have their developers working on company products rather than identity tools that can be taken "off the shelf."
Meanwhile, on the workforce identity access side, Okta has more than 7,000 integrations with other apps, meaning it's already embedded in the day-to-day tech procedures of its more-than-15,000 customers, so switching costs are high. Kerrest said that Microsoft was its closest competitor, but also pointed out that Okta is the number-one identity provider for Microsoft's Office 365 suite. Notably, Microsoft was also hacked by Lapsus$ last week.
Damage control is still needed
Even if Okta's customers have no good alternative in identity, it's still in the company's interest to shore up its reputation after the incident, as critiques like the one from Yoran could impede its growth.
To Okta's customers, it's not fully clear what exposure there was from the hack. Even if it wasn't material, customers still deserve a detailed explanation, even the ones who weren't implicated.
If the company can successfully reassure customers, the cloud stock should have considerable upside potential with its valuation at a four-year low and strong momentum from the Auth0 acquisition as it takes advantage of an $80 billion addressable market.
Given the company's ability to execute in the past, it seems like a smart move to bet on the stock's recovery.
