Lapsus$ gang says it has breached Okta and Microsoft

2022-03-22 10:52

After breaching NVIDIA and Samsung and stealing and leaking those companies' propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta.

The gang has substantiated their claims by leaking torrents supposedly containing partial source code for Bing, Bing Maps, and Microsoft Cortana, as well as posting - a screenshot of an internal Microsoft Azure DevOps account.

They have also released screenshots from Okta's internal systems, and said that they did not access any Okta databases, but focused on Okta customers.

Security researcher Bill Demirkapi noted that the dates on the screenshots point to the Okta breach happening in late January, and that judging by some of the screenshots, "LAPSUS$ appears to have gotten access to the Cloudflare tenant with the ability to reset employee passwords."

Microsoft has yet to release any findings, but Okta CEO Todd McKinnon shared that in late January 2022, the company detected an attempt to compromise the account of a third party customer support engineer working for one of their subprocessors.

Move on unless Okta reaches out to you that you are involved.

News URL

https://www.helpnetsecurity.com/2022/03/22/lapsus-okta-microsoft/

#lapsus #microsoft #okta

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		663	794	4391	4085	3666	12936