After breaching Nvidia, Samsung, Vodafone, etc, the Lapsus$ group now claims to have breached Okta – a leading authentication platform.
Today, the Lapsus$ gang has posted a few screenshots in its Telegram group, pertaining to Okta.com. While the gang claims to have accessed through an admin account, Okta said it’s investigating the incident and will supply more updates when known.
With over 5,000 employees and more than $6 billion market value, Okta is one of the leading services offering authentication services and Identity and access management (IAM) solutions to several big corporations.
A few of the notable clients in its pocket include Siemens, ITV, Pret a Manger, Starling Bank, etc. While it’s trusted to provide reliable security solutions, it’s unfortunate that Okta is now strangled with a data breach issue.
On Tuesday morning, an infamous cybercrime group called Lapsus$ started claiming a breach into Okta.com, where it accessed the platform’s customer data through a “superuser/admin” account. To make this more authentic, the gang posted screenshots indicating the files belonging to Okta.
In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor. (1 of 2)
— Todd McKinnon (@toddmckinnon) March 22, 2022
And one among them stated the date as of January 21st, 2022, making us think the data breach may have happened months earlier. While it didn’t share any of the claimed data, Okta responded to these claims by saying to BleepingComputer as;
“Okta is aware of the reports and is currently investigating. We will provide updates as more information becomes available.” While we await confirmation, the Lapsus$ gang has leaked 37GB of stolen source code belonging to Microsoft!
This data specifically belong to Bing, Cortana, and other Microsoft projects. Microsoft has yesterday stated it’s investigating the claims after reports of the Azure DevOps breach started surfacing online. Also, there’s yet another claim of breaching LG Electronics for the second time in a year made by Lapsus$.