1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Okta reportedly hit in serious breach - Lapsus$ strikes again?

    From TechnologyDaily@1337:1/100 to All on Tue Mar 22 11:15:04 2022
    Okta reportedly hit in serious breach - Lapsus$ strikes again?

    Date:
    Tue, 22 Mar 2022 10:58:56 +0000

    Description:
    Lapsus$ posts screenshots of internal messages and tickets, but Okta says
    it's nothing new.

    FULL STORY ======================================================================

    Cybercrime group Lapsus$ has seemingly struck again, with authentication services provider Okta reportedly the latest victim.

    Reuters reports that the group posted screenshots on its Telegram channel, claiming they depict Oktas internal company environment, including internal tickets and in-house Slack chats.

    Okta has already responded to the claims, issuing a statement saying the reports are being investigated and that it would provide updates as more information becomes available. TechRadar needs you!

    We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

    Click here to start the survey in a new window <<

    In a tweet , Okta CEO Todd McKinnon said that the incident was not related to a new hack, but an earlier issue.

    "In late January 2022, Okta detected an attempt to compromise the account of
    a third party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor," he wrote.

    "We believe the screenshots shared online are connected to this January
    event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January."

    Some have now questioned if this timing means Lapsus$ may in fact have had access to Okta's systems since January 2022. Ongoing threat

    Besides sharing the screenshots, the threat actor claimed to be focused ONLY on Okta customers.

    Whether or not the screenshots are authentic, or if any malware or viruses were used during the attack, is anyones guess at the moment. But given
    Lapsus$ previous record, and the fact that multiple security experts seem to believe in the screenshots authenticity, it could very well end up being
    true. Read More

    Microsoft may be the latest victim of Lapsus$



    Ubisoft fans need to change their passwords now


    Nvidia hackers hit Samsung and leak huge data dump

    Okta is an authentication services provider whose cloud software helps companies manage and secure user authentication, as well as allowing developers to build identity controls into apps, website web services, and endpoints .

    Its hard to say exactly how many customers the company is serving, but we do know that in 2019, its had more than 100 million registered users. It also
    has more than 5,000 employees, and brings in roughly $1.3 billion in revenue.

    In March 2021, the company signed a definitive agreement, acquiring Auth0,
    the provider of authentication and authorization services. The deal was reportedly worth $6.5 billion. Check out our list of the best firewalls right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/okta-reportedly-hit-in-serious-breach-lapsusdol lar-strikes-again/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)