Okta hack may hit hard organisations world around

Authentication company Okta had been hacked by the digital extortion gang Lapsus$. As organisations around the world use Okta’s authentication services some of its customers may have been affected, it said.

Several screenshots posted by Lapsus$ in its Telegram channel were indicative of Okta’s internal systems. It included one that appears to show Okta’s Slack channels, and another with a Cloudflare interface.

A hit on Okta would mean humongous implications for organisations, government agencies, educational institutions among others that bank on Okta. Authentication services by Okta by used by companies such as Fedex Corp and Moody’s Corp.

“We have concluded that a small percentage of customers — approximately 2.5% — have potentially been impacted and whose data may have been viewed or acted upon. We have identified those customers and are contacting them directly. If you are an Okta customer and were impacted, we have already reached out directly by email. We are sharing this interim update, consistent with our values of customer success, integrity, and transparency,” Okta’s chief security officer David Bradbury said in a statement.

Also read: Over 60% mid-sized Indian firms fell victim to cyberattack in 2021: Sophos

In a Twitter post earlier on Tuesday, Okta claimed that the Okta service has not been breached and remains fully operational. There are no corrective actions that need to be taken by our customers.

Mentioning the ramifications if one of Okta’s support engineers is compromised, Bradbury said, “The potential impact to Okta customers is limited to the access that support engineers have. These engineers are unable to create or delete users, or download customer databases. Support engineers do have access to limited data — for example, Jira tickets and lists of users — that were seen in the screenshots. Support engineers are also able to facilitate the resetting of passwords and multi-factor authentication factors for users, but are unable to obtain those passwords.” 

Lapsus$ is a South American hacker group that boasts of breaching Samsung, Nvidia, and Ubisoft among others.