October 3, 2022

Brighton Journal

Complete News World

Okta breach: Authentication firm investigating hacking claim from LAPSUS $

Okta breach: Authentication firm investigating hacking claim from LAPSUS $

The Okta hack could have serious consequences as thousands of other companies rely on the San Francisco-based company to manage access to their networks and apps.

In a brief statement, Octa official Chris Hollis said the company was aware of the reports and is conducting an investigation.

“We will provide updates as more information becomes available,” he added.

Screenshots were posted by a group of ransom-seeking hackers known as $LAPSUS$ on their Telegram channel late Monday. In an accompanying message, the group said its focus was “only on Okta customers.”

Security experts told Reuters the photos appeared to be authentic.

“I definitely think they’re credible,” said independent security researcher Bill Demirkapi, citing images of what appeared to be Okta’s internal tickets and internal chats on the Slack messaging app.

Dan Tentler, founder of cybersecurity consultancy Phobos Group, said he also believed the breach was real and urged Okta customers to be very careful for now.

Tentler added in an email, “There are timestamps and dates visible in the screenshots that point to January 21 this year, indicating that they may have access for up to two months.”

See also  Fitch and Moody's downgrade Russia's sovereign rating to junk