Okta revises LAPSUS$ impact upwards to potentially 2.5% of customers

Okta has again updated its blog post related to the LAPSUS$ intrusion first revealed by the hacking gang on Tuesday.

“After a thorough analysis of these claims, we have concluded that a small percentage of customers — approximately 2.5% — have potentially been impacted and whose data may have been viewed or acted upon. We have identified those customers and are contacting them directly,” Okta CSO David Bradbury said.

“If you are an Okta customer and were impacted, we have already reached out directly by email.”

Earlier this month, in its fourth-quarter results, the company said it had 15,000 customers; 2.5% of that figure is 375.

The company said it would be conducting a pair of technical webinars on the event on Wednesday.

For its part, LAPSUS$ said it gained access to a superuser portal that could reset the password and multifactor authentication of 95% of clients.

“For a company that supports zero-trust, support engineers seem to have excessive access to Slack? 8.6k channels?” the group said.

“The potential impact to Okta customers is NOT limited, I’m pretty certain resetting passwords and MFA would result in complete compromise of many clients

Read More: https://www.zdnet.com/article/okta-revises-lapsus-impact-upwards-to-potentially-2-5-of-customers/#ftag=RSSbaffb68