June 26, 2022

TheCyberThrone

Thinking Security ! Always

Okta Investigates the possible Lapsus$ Data Breach Claims

Okta, a cloud-based software that enables its customers to manage and secure user authentication into applications. According to its website, the software giant currently has over 15,000 customers.

Okta announced that it is investigating reports of a possible digital breach. Post the announcement of the Okta data breach. Its shares went down by nearly 8% in the premarket trading on Tuesday

Advertisements

Lapsus$, a hacking group, claimed responsibility for the Okta digital breach by publishing screenshots claiming access to an Okta internal administrative account and its Slack channel.

Lapsus$ also claimed that their focus was only on Okta customers post the Okta data breach. Since December, the hacking group claims to have stolen data from several high-profile corporate victims. The Okta data breach could impact thousands of businesses as it comes as a nightmare to Okta as well as its customers.

LAPSUS$ has been linked to damaging hacks of Ubisoft, Samsung, and Vodafone in recent weeks. On Monday the prolific group boasted of one of its biggest victims to date, alleging it had compromised Microsoft’s internal Azure DevOps server and subsequently leaked 37GB of stolen source code for several Microsoft projects.

Lapsus$ appears to favor extorting victims based on threats to publish stolen sensitive data rather than encrypting data and demanding payment in return for a decryption key.

Advertisements

These ransom demands became rather unconventional in the case of US chipmaker Nvidia, which it reportedly tried to blackmail into removing mining hash rate limiters on certain graphics cards and open sourcing its GPU drivers.

%d bloggers like this: