Okta acknowledges 'mistake' in handling of Lapsus$ attack
2022-03-28 04:14

Identity-management-as-a-service outfit Okta has acknowledged that it made an important mistake in its handling of the attack on a supplier by extortion gang Lapsus$.

In an FAQ published last Friday, Okta offered a full timeline of the incident, starting from January 20 when the company learned "a new factor was added to a Sitel customer support engineer's Okta account."

Sitel is a third party vendor that Okta uses to provide some customer support services.

The FAQ states that the attempt to add the new factor - a password - was unsuccessful, but on January 21 Okta nonetheless reset the account and notified Sitel, which "Engaged a leading forensic firm to perform an investigation."

When news of the Lapsus$ attack emerged, Okta first dismissed it as unlikely to be a problem for its customers.

The FAQ tries to tie the story up in a bow by asserting that further investigations show no customers were in danger of having their Okta credentials abused - because even if Sitel staff were compromised, individual end users set their own passwords.
News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/28/okta_lapsuss_faq_admits_mistake/