News and Updates on Information Technology

Okta is investigating allegations of customer data breaches by Lapsus$ Group

Exploit: Credential Compromise (Supply Chain Risk)

Okta: Identity and Access Management Solutions

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 1.299 = Extreme

Lapsus$ also pulled off another high-profile attack, this time against access management company Okta. Lapsus$ announced that it had breached Okta’s security in January on March 22. Supporting the claim, the group published screenshots related to Okta’s internal apps and systems. This one had a bit of a bumpy acknowledgment process by Okta who originally said no customer data was accessed but later clarified, saying “a small percentage of customers – approximately 2.5% – have potentially been impacted and (their) data may have been viewed or acted upon.” A third-party service provider’s previous breach likely also played a part in the incident. No specifics on the data were given. As we stated above, Lapsus$ is typically involved in ransomware operations but no details of any ransomware activity have been reported.

NOTE: Lapsus$ hackers were allegedly detained by UK police following these incidents.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business Cybercriminals know that service providers are a quick avenue to exploit vulnerabilities that may allow them to penetrate a bigger company’s security.

Source: bleeping computer