Identity management company Okta has revealed that a hack in September was far more extensive than initially reported. The hackers were able to steal data on all users in Okta’s customer support system, according to the company’s recent announcement.

Previously, Okta had stated that less than 1% of its 18,000+ customers worldwide were affected by the incident. However, they now acknowledge that the impact is much broader. Despite this revelation, Okta has stated that they do not have direct knowledge or evidence that the stolen information is currently being exploited by hackers.

David Bradbury, Okta’s chief security officer, noted in a blog post that the stolen data could potentially be used to target Okta’s customers through phishing or social engineering attacks. The company has refrained from publicly blaming any specific hacking group for the incident.

The majority of the stolen information includes customer names and email addresses. Okta is a trusted provider of cybersecurity solutions relied upon by government agencies and corporations to protect their networks. Unfortunately, this breach is another setback for the company, following a smaller security incident in January that affected up to 366 customers.

Okta’s stock initially experienced a dip following the news of the hack but has since seen a slight recovery.