Okta hack puts thousands of businesses on high alert

Illustration by Alex Castro / The Verge

Okta, a company used by thousands of organizations around the world, says it is investigating a potential hack. The disclosure comes as the hacking group Lapsus$ claims to have evidence of Okta's internal systems, including one that appears to show Okta's Slack channels, and another with a Cloudflare interface.

Lapsus$ claims to have had access to Okta's systems for two months, but only for Okta customers, according to The Wall Street Journal. The FCC is listed as a customer on the website.

Okta has not found evidence of an ongoing attack after detecting an attempt to compromise the account of a third party customer support engineer. The matter was contained by the subprocessor.

There is no evidence of ongoing malicious activity beyond the activity detected in January. Lapsus$ suggested that it had access for a few months.

This is our 3rd attempt at sharing the 5th - 8th photo. LAPSUS$ displayed a lot of sensitive information and/or user information, so much so we end up missing to censor some.



Photos 5 - 8 attached below. pic.twitter.com/KGlI3TlCqT

— vx-underground (@vxunderground) March 22, 2022

A hacking group called Lapsus$ has claimed responsibility for a number of high-profile incidents, including stealing hundreds of gigabytes of confidential data.