Okta authentication company’s customer data targeted by the Lapsus$ gang

2022-03-23 14:17

Okta is a large company that provides authentication services for companies like FedEx and Moody's to enable access to their networks.

Those support engineers have limited access to data.

They might, for example, access Jira tickets and lists of users and facilitate password resetting and multifactor authentication for users without being able to obtain those passwords.

Lapsus$ mentioned on its Telegram channel that it did not access/steal any databases from Okta, its focus being only on Okta customers.

In addition to communicating with Okta and determining whether it has seen any suspicious activity regarding their organization, customers with reason to believe they might be at risk should immediately check their access logs for the last few months and look for users who have requested a password reset or changed their multifactor authentication method.

VPN access should also be carefully checked and additional protection should be deployed on it if not done already.

News URL

https://www.techrepublic.com/article/okta-customer-data-targeted-lapsus/

#authentication #lapsus #okta

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Okta		8	1	4	5	0	10