Okta, an enterprise identity and access management firm, is the latest victim of a possible data breach. The firm said that it is currently investigating the incident as the LAPSUS$ hacking group posted screenshots of the data breach on several social media platforms.
Okta is Investigating a Potential Data Breach
According to The Verge, the LAPSUS$ hacking group claimed that the screenshots of the breach were taken after they accessed Okta.com Superuser/Admin and various other systems.
The images were shared over Twitter, Telegram, and other social media networks this week.
LAPSUS$ said that the security measures of Okta are very poor considering that the firm supports the authentication systems of several massive corporations. The hacking group clarified that they did not access or steal any databases from the firm, as their only focus is Okta's customers.
In an emailed statement on Mar. 22, Okta said that the screenshots shared online are connected to a security event in January. Okta stated that they detected an attempt to compromise the account of a third-party customer support engineer working for one of their subprocessors.
Okta added that the matter was investigated and contained by the subprocessor, and they believe that the screenshots shared online are connected to that event. The firm said that there is no evidence of ongoing malicious activity beyond the activity detected earlier this year based on their investigation to date.
Cloudflare's CEO Matthew Prince tweeted that the company was aware that Okta might have been compromised. Prince said that there is no evidence that Cloudflare has been compromised and that Okta is just an identity provider for Cloudflare. Cloudflare has multiple layers of security beyond Okta and would never consider them the only option.
Lapsus$ Hacking Group
Lapsus$ is a hacking group that has risen through the ranks by breaking into many high-profile companies' systems to steal information and threatening to leak it online unless payments are made.
The recent breaches that are connected to the infamous Lapsus$ hacking group include Nvidia, Ubisoft, and Samsung, according to ZDNet.
On Mar. 20, a screenshot was shared that suggested an alleged Microsoft breach may have happened, potentially through an Azure DevOps account, even though the post has since been deleted. Microsoft is currently investigating.
Okta is a publicly traded, San Francisco-based firm with thousands of customers, including several technology vendors. The company counts Moody's, FedEx, JetBlue, T-Mobile, and ITV among its high-profile clients.
Ekram Ahmed, the spokesperson at Check Point, said that Lapsus$ is a hacking group known for extortion. It is also a group known to constantly threaten the release of sensitive information they stole if their demands are not met.
Ahmed added that the group has boasted about hacking into Ubisoft, Samsung, and Nvidia. How the group managed to breach the targets has never fully been clear, and if true, the breach at Okta may explain how the group has been able to achieve its recent string of success.
In 2017, Okta filed for an initial public offering of $100 million.
In 2019, one of Okta's former employees was arrested after hacking thousands of Yahoo accounts to steal nude photos.
This article is owned by Tech Times
Written by Sophie Webster