Okta confirms January breach after hackers publish screenshots of its internal network – RegularFeed

Id large Okta has confirmed a January community breach after hackers posted screenshots in a single day apparently exhibiting entry to the corporate’s inside programs.

The Lapsus$ hacking group printed a number of screenshots to its Telegram channel purporting to point out inside Okta functions on January 21. Lapsus$ claimed it didn’t steal information from Okta, and that its focus was “solely” on Okta clients.

Okta is utilized by hundreds of organizations and governments worldwide to safe the authentication and sign-in safety for firm networks and inside programs.

Okta chief govt Todd McKinnon confirmed the breach in a tweet thread in a single day on March 22: “In late January 2022, Okta detected an try to compromise the account of a 3rd celebration buyer assist engineer working for one among our subprocessors. The matter was investigated and contained by the subprocessor.”

“We consider the screenshots shared on-line are related to this January occasion. Based mostly on our investigation up to now, there isn’t a proof of ongoing malicious exercise past the exercise detected in January.”

McKinnon didn’t title the subprocessor. Okta has not but responded to RegularFeed’s questions in regards to the breach.

RegularFeed couldn’t instantly confirm the authenticity of the screenshots posted by Lapsus$. Safety researcher Bill Demirkapi mentioned that the screenshots comprise a number of artifacts that counsel the hackers might have used a VPN to achieve entry to Okta’s community.

Lapsus$ has focused a number of big-name firms in latest weeks, together with Nvidia and Samsung. Simply this week Microsoft mentioned it was investigating a attainable safety breach. In response to Wired, the group targeted on Portuguese-language targets, together with Portuguese media large Impresa, and the South American telecom firms Claro and Embratel.

If you recognize extra in regards to the Okta breach or work on the firm, get in contact with the safety desk on Sign at +1 646-755-8849 or [email protected] by electronic mail.

Source link

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button