![]() The rebuttal added: "The potential impact to Okta customers is NOT limited, I'm pretty certain resetting passwords and MFA would result in complete compromise of many clients systems." "Logged in to superuser portal with the ability to reset the Password and MFA of ~95% of clients isn't successful?" ![]() "I'm STILL unsure how it's unsuccessful attempt?" the post stated. Lapsus$ promptly responded to the Okta post by calling the claims "lies." There is no impact to Auth0 customers, and there is no impact to HIPAA and FedRAMP customers. We are actively continuing our investigation, including identifying and contacting those customers that may have been impacted. Support engineers are also able to facilitate the resetting of passwords and MFA factors for users, but are unable to obtain those passwords. Support engineers do have access to limited data-for example, Jira tickets and lists of users-that were seen in the screenshots. These engineers are unable to create or delete users or download customer databases. The potential impact to Okta customers is limited to the access that support engineers have. ![]() Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January. We believe the screenshots shared online are connected to this January event. The matter was investigated and contained by the subprocessor. In late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer working for one of our subprocessors. Okta co-founder and CEO Todd McKinnon said on Twitter that the data appears to be linked to a hack that occurred two months ago. "BEFORE PEOPLE START ASKING: WE DID NOT ACCESS/STEAL ANY DATABASES FROM OKTA," the Telegram post stated. The claim, if true, could be serious because Okta allows employees to use a single account to log in to multiple services belonging to their employer. The Lapsus$ group, which first appeared three months ago, said Monday evening on its Telegram channel that it gained privileged access to some of Okta's proprietary data. A relatively new entrant to the ransomware scene has made two startling claims in recent days by posting images that appear to show proprietary data the group says it stole from Microsoft and Okta, a single sign-on provider with 15,000 customers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |