Security News

Okta's outsourced provider of support services, Sitel has shared more information this week in response to the leaked documents that detailed the various incident response tasks carried out by Sitel after the Lapsus$ hack. The documents, leaked by a researcher online, perpetuated the myth that Sitel stored its domain admin passwords extracted from LastPass in an Excel spreadsheet-a claim now dispelled by Sitel.

An independent security researcher has shared what's a detailed timeline of events that transpired as the notorious LAPSUS$ extortion gang broke into a third-party provider linked to the cyber incident at Okta in late January 2022. Sitel, through its acquisition of Sykes Enterprises in September 2021, is the third-party service provider that provides customer support on behalf of Okta.

On Friday, Okta - the authentication firm-cum-Lapsus$-victim - admitted that it "Made a mistake" in handling the recently revealed Lapsus$ attack. In an FAQ published on Friday, Okta offered a full timeline of the incident, which started on Jan. 20 when the company learned that "a new factor was added to a Sitel customer support engineer's Okta account."

Identity-management-as-a-service outfit Okta has acknowledged that it made an important mistake in its handling of the attack on a supplier by extortion gang Lapsus$. In an FAQ published last Friday, Okta offered a full timeline of the incident, starting from January 20 when the company learned "a new factor was added to a Sitel customer support engineer's Okta account."

Okta has admitted that it made a mistake delaying the disclosure hack from the Lapsus$ data extortion group that took place in January. Okta: "We made a mistake" over late breach disclosure.

Lapsus$ gang says it has breached Okta and MicrosoftAfter breaching NVIDIA and Samsung and stealing and leaking those companies' propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta. How to become a passwordless organizationIn this interview with Help Net Security, Den Jones, CSO at Banyan Security, explains the benefits of implementing passwordless authentication and the process every organization has to go through when deploying such technology.

As Lapsus$ data extortion gang announced that several of its members are taking a vacation, the City of London Police say they have arrested seven individuals connected to the gang. The latest public message from the group on Wednesday announced that some of its members were taking a vacation until March 30.

Okta has released additional details about the security incident caused by the Lapsus$ gang, and has named the contractor involved: Sitel. "Like many SaaS providers, Okta uses several companies to expand our workforce. These entities help us to deliver for our customers and make them successful with our products. Sitel, through its acquisition of Sykes, is an Okta sub-processor that provides Okta with contract workers for our Customer Support organization," explained David Bradbury, Okta's chief security officer.

Microsoft on Tuesday confirmed that the LAPSUS$ extortion-focused hacking crew had gained "Limited access" to its systems, as authentication services provider Okta revealed that nearly 2.5% of its customers have been potentially impacted in the wake of the breach. Identity and access management company Okta, which also acknowledged the breach through the account of a customer support engineer working for a third-party provider, said that the attackers had access to the engineer's laptop during a five-day window between January 16 and 21, but that the service itself was not compromised.

Okta is a large company that provides authentication services for companies like FedEx and Moody's to enable access to their networks. Those support engineers have limited access to data.