Did The Hacker Group Lapsus$ Penetrate Okta's Systems? What You Need To Know

Zinger Key Points
  • While some media reports have pegged Lapsus$ as a ransomware operation, they have yet to engage in a system lockdown typical of a ransomware attack.
  • In the case of Okta, Lapsus$ claimed it did not pilfer data but instead was able to access to the 15,000 organizations in its client lineup.

The identity management company Okta Inc. OKTA is pushing back at claims by the hacker group Lapsus$ that it infiltrated the company’s systems and vacuumed up its confidential data.

What Happened: Lapsus$ posted screenshots to its Telegram channel on Monday evening insisting that it was able to gain entry to several of Okta’s systems.

“For a service that powers authentication systems to many of the largest corporations ... I think these security measures are pretty poor,” Lapsus$ declared to its Telegram followers.

Okta CEO Todd McKinnon disputed the hackers’ evidence on his Twitter TWTR page.

“In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors,” McKinnon tweeted.

“The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”

The alleged Okta hack marks the second time this week that Lapsus$ claimed to infiltrate a major tech company. On Sunday, the group posted a data screenshot on Telegram that it identified as coming from Azure, the cloud computing division of Microsoft MSFT; Microsoft did not confirm that a hack occurred and said it was investigating the claim.

See Also: 'I Say Something, And Then It Usually Happens': 20 Indelible Quotes From Elon Musk

Why It Happened: Lapsus$ began to make itself known in December via Telegram, boasting of its ability to hack into the systems at major corporations including NVIDIA Corp NVDA, Samsung Electronics Co Ltd SSNLF, Vodafone Group PLC VOD, Ubisoft Entertainment UBSFY and MercadoLibre Inc MELI.

While some media reports have pegged Lapsus$ as a ransomware operation, they have yet to engage in a system lockdown typical of a ransomware attack. In the case of Okta, Lapsus$ claimed it did not pilfer data but instead was able to access to the 15,000 organizations in its client lineup.

“Remember: The only goal is money, our reasons are not political,” Lapsus$ declared in December on Telegram.

Photo: Pete Linforth/Pixabay.

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In:
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!