Security News

Recent claims by the cyber extortion gang have been validated by Okta and Microsoft: Lapsus$ have managed to get their hands on some of Microsoft's source code and have gained access to the laptop of a support engineer working for a third-party contractor for Okta, allowing them to potentially impact approximately 2.5% of the company's customers. After the gang published screenshots from Okta's internal systems and said that they focused their incursion on Okta customers, the company's CEO first said that, in late January 2022, they detected an attempt to compromise the account of a customer support engineer working for one of their subprocessors, and that "There is no evidence of ongoing malicious activity beyond the activity detected in January."

Identity management as-a-service platform Okta says the Lapsus$ extortion gang may in fact have managed to see some of its customers' data, and Microsoft has admitted the crew got its grubby paws on some source code. Okta claims to have more than 15,000 customers, so if 2.5 per cent have been compromised that could be 375 organisations that now need to determine if all logons to their preferred clouds - and the actions taken by authenticated users - were legitimate and/or innocuous.

Identity management as-a-service platform Okta has admitted that the Lapsus$ extortion gang managed to see some of its customers' data, and Microsoft has admitted the gang got its grubby paws on some source code. An updated post detailing Okta's response to news of an attack on the service sees chief security officer David Bradbury admit "a small percentage of customers - approximately 2.5% - have potentially been impacted and whose data may have been viewed or acted upon."

In a new blog post published tonight, Microsoft has confirmed that one of their employee's accounts was compromised by Lapsus$, providing limited access to source code repositories. "No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity," explained Microsoft in an advisory about the Lapsus$ threat actors.

Both Microsoft and Okta are investigating claims by the new, precocious data extortion group Lapsus$ that the gang has breached their systems. The purported Okta screenshots included one that appears to show Okta's Slack channels and another with a Cloudflare interface.

The Lapsus$ extortion crew has turned its attention to identity platform Okta and published screenshots purportedly showing the group gaining access to the company's internals. Oliver Pinson-Roxburgh, CEO of security outfit Bulletproof, warned: "As the gatekeeper to the networks and data of thousands of organizations, a breach at Okta would have significant consequences."

After breaching NVIDIA and Samsung and stealing and leaking those companies' propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta. The gang has substantiated their claims by leaking torrents supposedly containing partial source code for Bing, Bing Maps, and Microsoft Cortana, as well as posting - a screenshot of an internal Microsoft Azure DevOps account.

Microsoft and authentication services provider Okta said they are investigating claims of a potential breach alleged by the LAPSUS$ extortionist gang. The leaked 37GB archive shows that the group may have accessed the repositories related to Microsoft's Bing, Bing Maps, and Cortana, with the images highlighting Okta's Atlassian suite and in-house Slack channels.

Okta, a leading provider of authentication services and Identity and access management solutions says it is investigating claims of data breach.On Tuesday, data extortion group Lapsus$ posted screenshots in their Telegram channel of what it alleges to be Okta's customer data.

Monday night, the hacking group posted a torrent for a 9 GB 7zip archive containing the source code of over 250 projects that they say belong to Microsoft. When posting the torrent, Lapsus$ said it contained 90% of the source code for Bing and approximately 45% of the code for Bing Maps and Cortana.