Okta has confirmed a January network breach after hackers posted a picture of their access to the company's internal systems.
The Lapsus$ hacking group published several pictures on its Telegram channel purporting to show internal Okta applications. Lapsus$ claimed that it did not steal data from Okta and only focused on Okta customers.
Okta is used by thousands of organizations and governments worldwide as a single sign-on provider, allowing employees to securely access a company's internal systems, such as email accounts, calendars, applications and more.
Okta discovered an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was contained by the subprocessor.
We believe the online images are connected to the January event. There is no evidence of ongoing malicious activity beyond the activity detected in January.
The subprocessor was not named by McKinnon. Okta has not responded to questions about the incident.
It was not immediately clear if the screenshots posted by Lapsus$ were authentic. The security researcher said that several artifacts in the screenshots suggest that the hackers may have used a virtual private network to gain access to Okta's network.
Several big-name companies have been targeted by Lapsus$ in recent weeks. Microsoft said it was looking into a possible security issue. The group focused on Portuguese-language targets, including Impresa, Claro and Embratel.
If you know anything about the Okta incident, you can contact the security desk on Signal by email or by phone.
All Rights Reserved © 2024
