Hacker group LAPSUS$ posted screenshots on its Telegram channel in a single day claiming it achieved administrator access to Okta, a user authentication and data management company. And if that is true, it is potentially dangerous for quite a few large companies that use Okta services.
“Just a few photographs from our access to Okta.com Superuser/Admin and various other systems,” the hacking group wrote on Telegram.
“For a service that powers authentication systems to most of the largest firms (and FEDRAMP accredited) I believe these security measures are fairly poor.”
The hacker group went on to post in all caps, explaining that they did not access or steal any databases from Okta. “Our focus was ONLY on Okta customers,” the hacker group explained.
If the screenshots are accurate, they include a timestamp from January of this year, suggesting the hackers have potentially had access for months. It is unclear whether or not the hackers still have access to Okta systems. But for its part, Okta claims the hackers only had limited access through a subcontractor.
“In late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer working for one of our subprocessors,” a spokesperson for Okta, Chris Hollis, said in an email to Gizmodo early Tuesday.
“The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are linked to this January event. Based on our investigation to this point, there is no evidence of ongoing malicious activity beyond the activity detected in January.”
The hack, first reported by Reuters, comes after LAPSUS$ claimed on Monday it had gotten 37 GB worth of source code for Microsoft’s Bing search engine and the Cortana digital assistant.
LAPSUS$ previously hacked tech companies like Nvidia, Ubisoft, and Samsung, sometimes operating under a data extortion model, as Bleeping Computer notes. The hacking group will acquire large amounts of sensitive data and demand money in order to get a big payout from the company that was hacked. If the sum is not paid, the hacking group leaks the data publicly.
In a more typical ransomware situation, the data is encrypted and people on the inside can't get access to their own data anymore, but as Wired points out, LAPSUS$ doesn't bother with locking up any data. The group simply steals it outright, which is very unusual.
LAPSUS$ hasn’t made any demands known to be related to the Okta hack. At least not yet.