Thousands on high alert after hackers claim to have breached authentication app Okta
THOUSANDS of businesses are on high alert after Okta said Tuesday that it is investigating a report of a digital breach.
The authentication services provider made the announcement after hackers posted screenshots showing what they claimed was its internal company environment.
A hack at Okta could have major consequences because thousands of other companies rely on the San Francisco-based firm to manage access to their own networks and applications.
In a statement, Okta official Chris Hollis said the breach could be related to an earlier incident in January, which was contained.
Okta had detected an attempt to compromise the account of a third party customer support engineer at the time, said Hollis.
"We believe the screenshots shared online are connected to this January event," he said.
Read more about hackers
"Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January".
The screenshots were posted by a group of ransom-seeking hackers known as LAPSUS$ on their Telegram channel late on Monday
In an accompanying message, the group said its focus was "ONLY on Okta customers."
Security experts told the screenshots appeared to be authentic.
Most read in News Tech
"I definitely do believe it is credible," said independent security researcher Bill Demirkapi, citing pictures of what appeared to be Okta's internal tickets and its in-house chat on the Slack messaging app.
Dan Tentler, the founder of cybersecurity consultancy Phobos Group, said he too believed the breach was real and urged Okta customers to be "very vigilant right now."
LAPSUS$, who have a strong social media presence on Telegram, are focused on data theft rather than ransomware.
They tend to threaten to leak the victim's stolen files unless they receive payment.
While they seemed to target mainly Portuguese-language victims at first such as Portuguese media firm Impresa and Brazil's health ministry, they have now expanded to more companies across the world.
Lapsus$ have targeted other big names over the past few months including Samsung, Nvidia, and Ubisoft.
In February 2022, the group stole one terabyte of data from Nvidia including sensitive information, source code, usernames and passwords.
Read More on The Sun
A few days later the hackers announced they had stolen 190 gigabytes of data from Samsung including information about the Galaxy smartphone biometric authentication system.
On March 10, Ubisoft released a statement confirmed it suffered a breach.
READ MORE SUN STORIES
It read: “Ubisoft experienced a cyber security incident that caused temporary disruption to some of our games, systems, and services.
“As a precautionary measure we initiated a company-wide password reset … There is no evidence any player personal information was accessed or exposed as a by-product of this incident.”
- Read all the latest Phones & Gadgets news
- Keep up-to-date on Apple stories
- Get the latest on Facebook, WhatsApp and Instagram
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered...
- How to get your deleted Instagram photos back
- How to track someone on Google Maps
- How can I increase my Snapchat score?
- How can I change my Facebook password?
- How can I do a duet on TikTok?
- Here's how to see if your Gmail has been hacked
- How can I change my Amazon Alexa voice in seconds?
- What is dating app Bumble?
- How can I test my broadband internet speed?
- Here's how to find your Sky TV remote in SECONDS
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]