https://www.theverge.com/2022/3/22/22990637/okta-breach-single-sign-on-lapsus-hacker-group
Okta, an authentication firm utilized by 1000’s of organizations world wide, says it’s investigating information of a possible breach, Reuters reviews. The disclosure comes as hacking group Lapsus$ has posted screenshots to its Telegram channel claiming to be of Okta’s inside programs, together with one which seems to point out Okta’s Slack channels, and one other with a Cloudflare interface.
Any hack of Okta may have main ramifications for the businesses, universities, and authorities companies that depend on Okta to authenticate consumer entry to inside programs.
Writing in its Telegram channel, Lapsus$ claims to have had “Superuser/Admin” entry to Okta’s programs for 2 months, however mentioned its focus was “solely on Okta prospects.” The Wall Road Journal notes that in a current submitting Okta mentioned it had over 15,000 prospects world wide. It lists the likes of Peloton, Sonos, T-Cellular, and the FCC as prospects on its web site.
In an announcement despatched to The Verge, Okta spokesperson Chris Hollis downplayed the incident, and mentioned Okta has not discovered proof of an ongoing assault. “In late January 2022, Okta detected an try and compromise the account of a 3rd social gathering buyer help engineer working for one among our subprocessors. The matter was investigated and contained by the subprocessor.” Hollis mentioned. “We imagine the screenshots shared on-line are linked to this January occasion.”
“Based mostly on our investigation thus far, there is no such thing as a proof of ongoing malicious exercise past the exercise detected in January,” Hollis continued. Nevertheless, writing of their Telegram channel, Lapsus$ suggested that it had entry for just a few months.
