Okta now says: Lapsus$ may in fact have accessed customer info

2022-03-23 04:14

Identity management as-a-service platform Okta has admitted that the Lapsus$ extortion gang managed to see some of its customers' data, and Microsoft has admitted the gang got its grubby paws on some source code.

An updated post detailing Okta's response to news of an attack on the service sees chief security officer David Bradbury admit "a small percentage of customers - approximately 2.5% - have potentially been impacted and whose data may have been viewed or acted upon."

Bradbury has not described the data that may have been viewed, but as Okta's core service is single sign-on for thousands of cloud services, the possibility that customers' credentials have leaked to unknown parties cannot be discounted.

A single laptop and 375 customers aren't enormous numbers, but Okta customers like Amazon.com, Apple, Microsoft, NTT, and McKesson employ tens or even hundreds of thousands of people.

Microsoft, thankfully, has revealed that while Lapsus$ did indeed manage to see some of its source code - as the gang claimed earlier this week - just one Microsoft account was compromised, and that one offered "Limited access" to source code.

Microsoft's own Azure Active Directory is also on the Lapsus$ hit list - along with Okta.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/23/rere/

#lapsus #okta