On the heels of news Lapsus$ was claiming it breached Okta, the company’s CEO has confirmed an attempt in January.
Okta is a leading identity and authentication services provider, meaning a successful breach against the company could have disastrous consequences for wide range of industries. Ransomware group Lapsus$ claimed to have successfully breached the company, even providing screenshots as proof. Fortunately, the screenshots Lapsus$ provided are likely from an attempt made in January, one that was contained and poses little risk in the present.
Okta CEO Todd McKinnon made the announcement on Twitter.
In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor. (1 of 2)
We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January. (2 of 2)
Todd McKinnon (@toddmckinnon), March 22, 2022
The revelation is good news for Okta users, provided no additional details emerge from the company’s investigation.