Due to hackers Thousands of businesses on high alert after Okta confirms January breach
After hackers published screenshots overnight allegedly showing access to Okta’s internal systems, the firm has confirmed a January network breach.
On January 21, the Lapsus$ hacking group released several images to its Telegram channel purporting to expose internal Okta applications. Lapsus$ stated that it did not steal data from Okta and that its objective was only on Okta customers.
Announce that Thousands of businesses on high alert after Okta confirms January breach
Hundreds of organizations and governments use Okta as a single sign-on provider to allow employees to access internal systems such as email accounts, calendars, applications, and more securely.
Okta CEO Todd McKinnon confirmed the breach in a tweet thread early this morning: “Late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer employed by one of our subprocessors.” “We investigated the situation, discovered it, and fixed it.”
“We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”
McKinnon did not reveal the subprocessor’s name. Okta has yet to respond to our inquiries regarding the breach.
Lapsus’ screenshots were not verified by TechCrunch at the time of publication. Bill Demirkapi, a security researcher, said that the images exhibited several signs suggesting that the hackers may have exploited Okta’s network using a VPN.
Lapsus$ has recently targeted a number of well-known firms, including Nvidia and Samsung. Microsoft announced this week that it was looking into a possible security breach. According to Wired, the campaign was aimed at Portuguese-language targets including media giant Impresa and South American telecom firms Claro and Embratel.
For more such posts click here
