The Wall Street Journal notes that in a recent filing Okta said it had over 15,000 customers around the world. The group also suggested it was using its access to zero in on Okta’s customers. Writing in its Telegram channel, the Lapsus$ hacking group claims to have had “Superuser/Admin” access to Okta’s systems for two months, not just five days, that it had access to a thin client rather than a laptop, and claims that it found Okta storing AWS keys in Slack channels. Support engineers are also able to facilitate the resetting of passwords and MFA factors for users, but are unable to obtain those passwords. Support engineers do have access to limited data - for example, Jira tickets and lists of users - that were seen in the screenshots. SCREENSHOT OF ITS ACTIVATION KEY UBISOFT DOWNLOADThese engineers are unable to create or delete users, or download customer databases. ![]() The potential impact to Okta customers is limited to the access that support engineers have. Here’s what Bradbury says is and isn’t at stake when one of its support engineers is compromised: In an earlier statement on Tuesday afternoon, Okta said that an attacker would only have had limited access during that five-day period - limited enough that the company claims “there are no corrective actions that need to be taken by our customers.” We are sharing this interim update, consistent with our values of customer success, integrity, and transparency.” ![]() If you are an Okta customer and were impacted, we have already reached out directly by email. “We have identified those customers and are contacting them directly. SCREENSHOT OF ITS ACTIVATION KEY UBISOFT UPDATE“We have concluded that a small percentage of customers – approximately 2.5 percent – have potentially been impacted and whose data may have been viewed or acted upon,” Okta chief security officer David Bradbury wrote in an update Tuesday evening. ![]() The disclosure comes as hacking group Lapsus$ has posted screenshots to its Telegram channel claiming to be of Okta’s internal systems, including one that appears to show Okta’s Slack channels, and another with a Cloudflare interface.Īny hack of Okta could have major ramifications for the companies, universities, and government agencies that depend upon Okta to authenticate user access to internal systems. Okta, an authentication company used by thousands of organizations around the world, has now confirmed an attacker had access to one of its employees’ laptops for five days in January 2022 and that around 2.5 percent of its customers may have been affected - but maintains its service “has not been breached and remains fully operational.”
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |