Cyber company Okta is latest potential victim of Lapsus$ hackers

Written by
Mar 22, 2022 | CYBERSCOOP

Identity authentication company Okta, which provides services to thousands of companies as well as U.S. government agencies, acknowledged Tuesday morning that it had investigated an incident in January that was related to screenshots posted online Monday night by a hacking group.

“In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors,” company Okta CEO Todd McKinnon tweeted. “The matter was investigated and contained by the subprocessor.”

The tweet was in response to the latest posts by the cybercrime group Lapsus$ on its Telegram channel, according to multiple reports overnight.

“We believe the screenshots shared online are connected to this January event,” McKinnon said. “Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”

Any spillover from such an incident could have far-reaching implications for the cybersecurity of Okta customers, who use the company’s single sign-on (SSO) services — including password managers — to control access to their networks and applications.

Lapsus$, in theory, could use data stolen from Okta to access accounts of its customers.

Read More: