May 26, 2022

Identity giant Okta confirmed the network breach in January after overnight hackers released screenshots showing access to the company’s internal systems.

On January 21, the Lapsus$ hacker group posted several screenshots on their Telegram channel that allegedly show Okta’s internal application. Lapsus$ stated that it did not steal any data from Okta and focused “only” on Okta customers.

Okta is used by thousands of organizations and governments around the world to securely authenticate and log into corporate networks and internal systems.

IN short tweet threadOkta CEO Todd McKinnon confirmed the January leak in an overnight tweet thread on March 22: “In late January 2022, Okta attempted to access the account of a third-party support engineer who killed one of our customers. Worked on a subprocessor. An investigation has been conducted and is being considered by the sub-processor.”

“We believe the screenshots posted online are from an incident in January of this year. Based on our investigation, there is no evidence of ongoing malicious activity other than what was discovered in January.”

Okta’s McKinnon didn’t mention a subprocessor. Octa has not yet answered gaming-updates’s questions about the hack.

gaming-updates was unable to immediately verify the authenticity of the screenshots posted by Lapsus$. security investigator Bill Demirkapic Said the screenshots contain various artifacts that suggest the hackers may have used the VPN to access the Okta network.

In recent weeks, Lapsus$ has targeted several major companies including Nvidia and Samsung. This week, Microsoft said it was investigating a possible security breach. According to Wired, the group is targeting Portuguese-speaking targets, including Portuguese media giant Impressa and South American telcos Claro and Embratel.

Leave a Reply

Your email address will not be published.