Sure, but what I was referring to was the fact the attackers claim to specifically be attacking okta customers themselves. I’m saying there is a high overlap between fedramp and companies which somewhere in the organization there will be access to highly sensitive info. Not saying they are in possession of, but have access to for many contracts.
No secret or top secret info is permitted in the typical Impact Level 4 and Impact Level 5 FedRAMP systems. Okta is only certified at IL4 I think.
AWS & Azure do offer IL6, meaning information processed up to the SECRET classification.