Security News > 2022 > March > Lapsus$ gang says it has breached Okta and Microsoft

Lapsus$ gang says it has breached Okta and Microsoft
2022-03-22 10:52

After breaching NVIDIA and Samsung and stealing and leaking those companies' propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta.

The gang has substantiated their claims by leaking torrents supposedly containing partial source code for Bing, Bing Maps, and Microsoft Cortana, as well as posting - a screenshot of an internal Microsoft Azure DevOps account.

They have also released screenshots from Okta's internal systems, and said that they did not access any Okta databases, but focused on Okta customers.

Security researcher Bill Demirkapi noted that the dates on the screenshots point to the Okta breach happening in late January, and that judging by some of the screenshots, "LAPSUS$ appears to have gotten access to the Cloudflare tenant with the ability to reset employee passwords."

Microsoft has yet to release any findings, but Okta CEO Todd McKinnon shared that in late January 2022, the company detected an attempt to compromise the account of a third party customer support engineer working for one of their subprocessors.

Move on unless Okta reaches out to you that you are involved.


News URL

https://www.helpnetsecurity.com/2022/03/22/lapsus-okta-microsoft/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2820 161 4400
Okta 8 1 4 5 0 10