The intruders - likely agents of a nation state, according to Prince et al - obtained one service token and three service account credentials through that 2023 Okta compromise.
Because Cloudflare incorrectly believed those tokens were unused, it failed to rotate them.
Collection
[
|
...
]