Okta

2022-03-22

okta data breach

Lapsus$ group claims Okta supply chain attacks (unknown)

The Lapsus$ extortion group posted screenshots to its Telegram channel Monday night that they say prove they breached identity management vendor Okta.

"In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors." "None of Lapsus$' claims should be taken at face value," he said via electronic chat. Lapsus$ is a group that extorts companies under the threat of leaking data - ransom without the ransomware - best known for leaks of Samsung files.

Okta says screenshots from January hack could impact 366 customers (unknown)

Hacker group shared screenshots with Telegram users, saying they believed Okta's security is "pretty poor."

"If true, the breach at Okta may explain how Lapsus$ has been able to achieve part of its recent string of successes," Check Point noted in a blog post. Okta's comment comes after a group calling itself Lapsus$ posted screenshots of what they claimed was the company's internal environment through the messenger service Telegram. They added, "For a service that powers authentication systems to many of the largest corporations (and FEDRAMP approved) I think these security measures are pretty poor." Okta, an online identity authentication service used by thousands of U.S. companies to protect their computer networks, said a purported breach of its systems is related to an earlier incident this year.

Hundreds of companies potentially hit by Okta hack (BBC News)

Hundreds of organisations that rely on Okta to provide access to their networks may have been affected by a cyber-attack on the company.

Britain's National Cyber Security Centre said it had "not seen any evidence of impact in the UK". Thanet, which uses Okta to simplify the way staff manage and sign on to multiple applications, told BBC News the hack "has not compromised the security of the council's data" but it "will continue to monitor the situation". Okta initially said the attack, in January, involved a third-party contractor, a "sub-processor", and "the matter was investigated and contained".

Okta says 2.5% of customers breached, as Lapsus$ sows disorder (Cybersecurity Dive)

Dive Brief: A breach at Okta affected 2.5% of its customers, the identity and access management firm ...

Screenshots claiming successful breaches of companies are circulated through social media, putting companies on the defensive. The screenshots were taken from a support engineer's computer at third-party provider Sitel, which was compromised using RDP to gain remote access. Lapsus$ also claimed to have breached Microsoft, which confirmed Tuesday night an account was compromised, granting limited access.

Okta hack puts thousands of businesses on high alert (unknown)

Okta says it's investigating reports of a potential breach. Hacking group Lapsus$ has posted screenshots to its Telegram channel claiming to be of Okta's ...

However, writing in their Telegram channel, Lapsus$ suggested that it had access for a few months. “In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors.” In a statement sent to The Verge, Okta spokesperson Chris Hollis downplayed the incident, and said Okta has not found evidence of an ongoing attack.

Okta should have moved faster to understand report on cyber attack, says CSO (unknown)

That attempt was quickly stopped by Okta. Sitel then hired a forensic investigation firm to look into the incident. Bradbury said Sitel received that report on ...

And it was only hours later that Okta got its hands on the full Sitel report. But he did say the company will send a report to affected customers that shows the actions performed on their Okta tenant by Sitel so they can assess the risks. “Upon reflection, once we received the Sitel summary report last week we should have in fact moved more swiftly to understand its implications.” That attempt was quickly stopped by Okta. Sitel then hired a forensic investigation firm to look into the incident. Bradbury said Sitel received that report on March 10th, and forwarded a summary to Okta on March 17th. It wasn’t clear from Bradbury’s statement whether that information was included in the summary.

Okta Hack? Customers Scramble as Okta Tries to Clarify Breach (unknown)

Authentication firm Okta's statements on the Lapsus$ breach leave key questions unanswered.

The latter is the main mechanism Lapsus$ hackers would likely have abused to take over Okta logins at target organizations and infiltrate. The timing coincides with Lapsus$'s decision to release screenshots, via Telegram, that claim to detail its Okta administrative account access from late January. On Tuesday evening, about eight hours after posting Bradbury's statement, Okta updated the notice with some expanded information.
