It's misleading because grammatically, what one would usually say in this situation is something like "Okta detected what it believed at the time was an unsuccessful attempt", because the statement's narrative is set in the present - and we now know the attack (not "attempt") was successful. Wording it as they did in their statement obfuscates the events that took place, and certainly reads like a deliberate attempt to downplay the severity of the breach.
