Print this page
Published in News

Authentication service had a digital breach

by on23 March 2022


If only there had been an effective way of identifying a person as a hacker

Red faced authentication services provider Okta is investigating a report of a digital breach, after hackers posted screenshots showing what they claimed was its internal company environment.

A hack at Okta could have major consequences because thousands of other companies rely on the San Francisco-based firm to manage access to their networks and applications.

The company was aware of the reports and was investigating, Okta official Chris Hollis said in a brief statement said: "We will provide updates as more information becomes available."

The screenshots were posted by a group of ransom-seeking hackers known as LAPSUS$ on their Telegram channel late on Monday.

In an accompanying message, the group said its focus was "ONLY on Okta customers."

Okta chief executive Todd McKinnon confirmed the breach in a tweet thread overnight on March 22: "In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event.

Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January."

 

Last modified on 23 March 2022
Rate this item
(0 votes)