Here’s What We Know About The Reported Hack On Okta
LAPSUS$ allegedly broke into Okta’s systems late Monday, a company that provides secure login services for apps and networks.
Okta says it’s used by 15,000 global brands, including Siemens, Hitachi, Moody’s, and Major League Baseball.
Reuters reports that the shadowy group released screenshots showing access to Okta internal systems, including a ticketing system and a Slack chat. Okta CEO Todd McKinnon, however, said the issue appeared to be limited to a January “attempt to compromise the account of a third-party customer support engineer working for one of our subprocessors” that had been “investigated and contained.”
Okta didn’t immediately respond to an inquiry from Fast Company.
In any case, some Okta customers may be concerned since the service controls access to its customers’ sensitive systems. Cloudflare CEO Matthew Prince tweeted that the company is resetting Okta credentials for employees who changed their passwords recently, “out of an abundance of caution.” It appears that other Okta customers will carefully look for any evidence that they were further affected.
Security incidents including the 2017 NotPetya malware attack and the more recent compromise of U.S. federal systems through a hack on the software provider SolarWinds involve supply chain attacks, where software used by multiple organizations is compromised to gain access to other networks.
CNN reports that Lapsus$ said “our focus was ONLY on Okta customers,” not the company itself, although it’s unclear what he meant.
The stock price of Okta dropped about 6% in early morning trading but had recovered by midday.