Lapsus$ Found a Spreadsheet of Passwords as They Breached Okta, Documents Show

Do you develop on GitHub? You can keep using GitHub but automatically sync your GitHub releases to SourceForge quickly and easily with this tool so your projects have a backup location, and get your project in front of SourceForge's nearly 30 million monthly users. It takes less than a minute. Get new users downloading your project releases today. × 160149371 story

The post was from the getting-to-the-bottom-of-things dept.

The Lapsus$ hackers used compromised credentials to break into the network of customer service giant Sitel in January, days before subsequently accessing the internal systems of authentication giant Okta, according to documents seen by TechCrunch that provide new details of the cyber intrusion that have not yet been reported. The report adds: [...] The documents provide the most detailed account to date of the Sitel compromise, which allowed the hackers to later gain access to Okta's network. [...] The documents, obtained by independent security researcher Bill Demirkapi and shared with TechCrunch, include a Sitel customer communication sent on January 25 -- more than a week after hackers first compromised its network -- and a detailed timeline of the Sitel intrusion compiled by incident response firm Mandiant dated March 17 that was shared with Okta.

According to the documents, Sitel discovered a security incident in its gateways on a legacy network that it acquired in 2021. The attackers used remote access services and publicly accessible hacking tools to compromise and navigate through the network, gaining deeper visibility to the network over the five days that Lapsus$ had access. According to Sitel, its cloud infrastructure was also compromised by hackers. According to the timeline, the hackers accessed a spreadsheet on the internal network of Sitel early on January 21.

Slashdot

Kolide reaches out once a day when it observes an issue that affects your organization's security goals. Message your employees on Slack providing customized security and compliance recommendations for their Linux, Mac and Windows devices.

It is possible to try for free.

ARAY(0x55fbdc233050)