Thinking

5.5M

ADT: Vishing → Okta SSO → Salesforce, 5.5M Records

Voice phishing of a help-desk operator compromised Okta SSO credentials. The attacker walked into Salesforce as a legitimate user and exfiltrated 5.5 million customer records. No malware, no zero-day, no credential stuffing — just a phone call.

Source: ADT 8-K filing / BleepingComputer reporting

78.6M

Rockstar Games: Snowflake Breach via Third-Party Anodot Tokens

ShinyHunters stole authentication tokens that the analytics vendor Anodot held for its customers' Snowflake environments. The attacker queried Rockstar Games' data warehouse using those tokens — looking, to Snowflake, like a normal analytical workload. Over a dozen Anodot customers were caught in the same wave.

Source: TechCrunch / Help Net Security

$150M

LastPass Breach Leads to $150M Crypto Theft Years Later

Federal prosecutors linked a $150M cryptocurrency heist to the 2022 LastPass breach. Seed phrases stored in Secure Notes were compromised.

Source: KrebsOnSecurity

Microsoft Entra ID July 2024 Outage: The IdP as Single Point of Failure

A regional Azure / Entra ID disruption in July 2024 blocked sign-ins for thousands of tenants. Microsoft 365, third-party SSO apps, and downstream services that federated to Entra ID all degraded together — exactly because they federated.

Source: Microsoft service health post-mortem

8.5M

CrowdStrike Falcon Outage: When Identity Recovery Also Goes Down

A single Falcon sensor content update bricked an estimated 8.5 million Windows endpoints worldwide. The recovery story exposed a quieter problem: identity recovery paths assume the endpoints, MFA devices, and IdP integrations are all working.

Source: CrowdStrike Preliminary Post-Incident Review

165

Snowflake: 165 Customers Breached via Stolen Credentials

Threat actor UNC5537 used infostealer-harvested credentials to access 165 Snowflake customer environments. 80%+ had prior credential exposure. None had MFA.

Source: Mandiant / Google Cloud

KuppingerCole: IAM 2026 and the Rise of AIdentity

KuppingerCole's Research Compass for IAM 2026 advances the Identity Fabric architecture and positions AI as increasingly integral to identity itself. The firm's framing of autonomous, AI-driven identity systems for managing high-volume machine identities puts architecture, not product, at the centre.

Source: KuppingerCole Research Compass (AN82012)

$27.5B

Forrester: IAM Investment to Double to $27.5B by 2029

IAM spending is projected to nearly double from $13.4B (2024) to $27.5B by 2029, driven by machine identity and AI governance needs.

Source: Forrester Research

KuppingerCole Leadership Compass: The ITDR Market Takes Shape

KuppingerCole's November 2025 Leadership Compass on Identity Threat Detection and Response (LC81209, Alejandro Leal) is a vendor comparison of a market that, three years ago, did not have a name. The category's existence is itself the finding worth reading.

Source: KuppingerCole Leadership Compass (LC81209)

IDC FutureScape 2025: Identity Spending to Outpace Network by 2027

IDC's FutureScape research projects that identity-security spending will exceed traditional network-security spending in the enterprise budget mix by 2027. The shift tracks the move of the security perimeter from network to identity.

Source: IDC FutureScape — Worldwide Future of Trust

40%

Gartner: Over 40% of Agentic AI Projects Cancelled by 2027

Gartner predicts that over 40% of agentic AI projects will be cancelled by the end of 2027, driven by escalating costs, unclear business value, or inadequate risk controls. The same firm names agentic AI its headline strategic technology trend. Both can be true at once.

Source: Gartner press release (Jun 2025)

KuppingerCole: What CIAM Has to Mean in 2025

KuppingerCole's session on how to do CIAM in 2025 and beyond, led by analyst John Tolbert, defines customer identity broadly: not a login box, but registration, consent, fraud signals, progressive profiling, and identity assurance across the full customer relationship.

Source: KuppingerCole webinar (John Tolbert)