The Okta hack could have serious consequences as thousands of other companies rely on the San Francisco-based company to manage access to their networks and apps.
In a brief statement, Octa official Chris Hollis said the company was aware of the reports and is conducting an investigation.
“We will provide updates as more information becomes available,” he added.
Screenshots were posted by a group of ransom-seeking hackers known as $LAPSUS$ on their Telegram channel late Monday. In an accompanying message, the group said its focus was “only on Okta customers.”
Security experts told Reuters the photos appeared to be authentic.
“I definitely think they’re credible,” said independent security researcher Bill Demirkapi, citing images of what appeared to be Okta’s internal tickets and internal chats on the Slack messaging app.
Dan Tentler, founder of cybersecurity consultancy Phobos Group, said he also believed the breach was real and urged Okta customers to be very careful for now.
Tentler added in an email, “There are timestamps and dates visible in the screenshots that point to January 21 this year, indicating that they may have access for up to two months.”
“Web maven. Infuriatingly humble beer geek. Bacon fanatic. Typical creator. Music expert.”
More Stories
Elon Musk Denies Reports He’s Directing $45 Million to Trump PAC
This extra-long yellow Cadillac electric sedan has a fridge in the back seat.
CrowdStrike shares fall as IT disruption continues