This is very bad news for users of the services of the American firm specializing in Okta authentication.
This Tuesday, March 22, the company acknowledges investigating a potential breach after the publication of screenshots of the group of hackers Lapsus$ on Telegram.
Lapsus$ repeats and hacks this time Okta
In a statement to the agency Reuters, Chris Hollis, senior manager at Okta, officially acknowledges that the company he works for is investigating a potential security breach. The main problem is that beyond the seriousness that such a cyberattack would represent, Okta specializes in the management and especially the securing of authentication.
Follower of ransomware, the Lapsus$ group did not communicate about a possible ransom to be paid by the firm to avoid a leak of data from its customers. Because on Telegram, Lapsus$ claims above all to be interested in this precious data. The hackers also posted screenshots of what is authenticated by concordant sources as coming from Okta’s internal environment.
Another point to clarify, Chris Hollis said in his press release that the breach exploited by hackers had been identified by a security incident in January 2022. However, it had supposedly been filled since. The investigation will therefore shed light on the chronology and the facts, because Hollis adds that “ screenshots shared online are related to this January event ” and ” based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January “.
Hackers do not target Okta as a structure, but its customers
However, the seriousness of the facts is not yet known since the Lapsus$ hacker group only claimed responsibility for the attack on the evening of Monday March 21. The latter has also distinguished himself over the past two years for having hacked the site of the Brazilian Ministry of Health, or even large companies such as NVIDIA, Samsung, and Ubisoft more recently.
Additionally, Okta claims nearly 15,000 business customers. And its services are used in particular to fight against the hacking of the data of their employees or their customers. Suffice to say that the news is a stain. As a result, several experts including Dan Tentler, the founder of cybersecurity consultancy Phobos Group, recommend “ very careful at the moment to Okta customers.
On the same subject :
Cybercrime: with the LOPMI law, the government wants to take a step against ransomware
Sources: Reuters
, The Record
, ZDNet
1