Security News > 2022 > April > Sitel on Okta breach: "spreadsheet" did not contain passwords
Okta's outsourced provider of support services, Sitel has shared more information this week in response to the leaked documents that detailed the various incident response tasks carried out by Sitel after the Lapsus$ hack.
The documents, leaked by a researcher online, perpetuated the myth that Sitel stored its domain admin passwords extracted from LastPass in an Excel spreadsheet-a claim now dispelled by Sitel.
On Monday, March 28th, infosec researcher Bill Demirkapi shared documents that he called the "Mandiant report" showing a detailed timeline of Okta breach and the incident response activities conducted by Sitel, Okta's third-party support provider.
In a statement released this week Sitel addressed the "Reported inaccuracies" that alleged the spreadsheet contained passwords or that the spreadsheet was responsible for the security incident.
Further, Sitel blamed the January breach on "Legacy" infrastructure at newly acquired Sykes which contributed to the incident.
BleepingComputer noticed, like many enterprises, both Sitel and Sykes are Zoom customers, and Okta and Zoom also maintain a business relationship, implying it would've been in Zoom's best interest to minimize any conflict of interest should there have been an 'ask' from its customers.