Okta hack puts thousands of businesses on high alert
Okta hack puts thousands of businesses on high alert
Okta, the authentication company used by thousands of organizations around the world, says it is investigating reports of possible breaches, Reuters reports. The revelations came after hacking group Lapsus$ posted screenshots on its Telegram channel that claimed to be Okta's internal system, with one showing Okta's Slack channel, and another with a Cloudflare interface.
Any hack on Okta could have major implications for companies, universities and government agencies that rely on Okta to authenticate user access to internal systems.
Writing in its Telegram channel, Lapsus$ claimed that "superuser/admin" had access to Okta's system for two months, but added that its focus was "only on Okta customers." The Wall Street Journal noted that in a recent filing Okta said it has more than 15,000 customers worldwide. It lists the likes of Peloton, Sonos, T-Mobile and the FCC as customers on its website.
In a statement sent to The Verge, Okta spokesman Chris Hollis downplayed the incident and said that Okta had not found evidence of an ongoing attack. “In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was examined and vested by sub-process. Hollis said. "We believe the screenshots shared online are linked to this January incident."
"Based on our investigation so far, there is no evidence of ongoing malicious activity beyond what was discovered in January," Hollis continued. However, writing in his Telegram channel, Lapsus$ suggested that it had access for a few months.
Lapsus$ is a hacking group that has claimed responsibility for several high-profile incidents affecting Nvidia, Samsung, Microsoft and Ubisoft, in some cases the theft of hundreds of gigabytes of confidential data.
No comments