A hacking group called LAPSUS$ claimed late Monday to have breached systems belonging to Okta, a company that builds services to securely log people in to apps and networks. Okta says it’s used by 15,000 global brands, listing customers including Siemens, Hitachi, Moody’s, and Major League Baseball. The shadowy organization released screenshots that appeared to show access to Okta internal systems, including an internal ticketing system and a Slack chat, Reuters reports. But in an overnight Tweet, Okta CEO Todd McKinnon said the issue appeared to be limited to “an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors” in January that was “investigated and contained.”
We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January. (2 of 2) — Todd McKinnon (@toddmckinnon) March 22, 2022
Okta didn’t immediately respond to an inquiry from Fast Company. Still, the incident likely has some Okta customers on edge, since the service is used to control access to its customers’ sensitive systems. Matthew Prince, the CEO of hosting provider Cloudflare, tweeted that the company is resetting Okta credentials for employees who recently changed their passwords, “out of an abundance of caution,” and it seems likely that other Okta customers will be carefully looking for evidence they were further affected by any hack. So-called supply chain attacks, where software used by multiple organizations is itself compromised to gain access to other networks, have been an issue in recent major security incidents including the 2017 NotPetya malware attack and the more recent compromise of U.S. federal systems through a hack on the software provider SolarWinds. Lapsus$ claimed that “our focus was ONLY on Okta customers,” not the company itself, CNN reports, though it’s unclear exactly what that means. Okta’s stock price dropped by about 6% in early morning trading, but had recovered by midday.
Login to add comment
Other posts in this group
Riddle me this: What exactly is Trello?
Despite counting myself as a heavy-duty power user of the product for well over a decade now, it’s a question I’ve long struggled to answer. Techn
The trope of the starving, broke artist has long maintained a place in the public imagination, even as it has morphed into idealized notions of “‘hustle” or “grindset.” “It’s cool to romanticize [
When Apple first introduced MagSafe for the iPhone in 2020, I did not fully appreciate it.
iPhones had supported wireless charging for a few years at that point—and Android phones starte
Even if you’re a regular Alexa user, there’s a good chance you haven’t discovered some of its most efficient features.
Actually, strike that: There’s a good chance you’
The Fast Company Impact Council is a private membership community of influential leaders, experts, executives, and entrepreneurs who share their insights with our audience. Members pay annual
Cryptocurrency exchange Bybit said last week hackers had stolen digital tokens worth around $1.5 billion, in what researchers called the biggest crypto heist of all time.
Bybit CEO Ben Z
