Hacker Group Claims Access to User Authentication Firm Okta


Hacker group LAPSUS$ posted pictures on its Telegram channel overnight claiming it achieved administrator access to Okta, a user authentication and data management firm. And if that’s true, it’s potentially bad for quite a few large companies that use Okta services.

“Just some photos from our access to Okta.com Superuser/Admin and various other systems,” the hacking group wrote on Telegram.

“For a service that powers authentication systems to many of the largest corporations (and FEDRAMP approved) I think these security measures are pretty poor.”

The hacker group went on to post in all caps explaining that they didn’t access or steal any databases from Okta. “Our focus was ONLY on Okta customers,” the hacker group explained.

If the screenshots are accurate, they include a timestamp from January of this year, suggesting the hackers have potentially had access for months. It’s unclear whether the hackers still have access to Okta systems. But for its part, Okta claims the hackers only had limited access through a subcontractor.

“In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors,” a spokesperson for Okta, Chris Hollis, said in an email to Gizmodo early Tuesday.

“The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”


The hack, first reported by Reuters, comes after LAPSUS$ claimed on Monday it had gotten 37 GB worth of source code for Microsoft’s Bing search engine and the Cortana digital assistant.

LAPSUS$ previously hacked tech companies like Nvidia, Ubisoft, and Samsung, often operating under a data extortion model, as Bleeping Computer notes. The hacking group will acquire large amounts of sensitive data and demand money in order to get a big payout from the company that was hacked. If the sum isn’t paid, the hacking group leaks the data publicly.

In a more typical ransomware scenario, the data is encrypted and people on the inside can’t get access to their own information anymore, but as Wired points out, LAPSUS$ doesn’t bother with locking up any data. The group just steals it outright, which is very unusual.

LAPSUS$ hasn’t made any demands known to be related to the Okta hack. At least not yet.

https://gizmodo.com/hacker-group-claims-extraordinary-access-to-user-authen-1848684491