As we shared earlier today, we are conducting a thorough investigation into the recent LAPSUS$ claims and any impact on our valued customers. The Okta service is fully operational, and there are no corrective actions our customers need to take.
After a thorough analysis of these claims, we have concluded that a small percentage of customers – approximately 2.5% – have potentially been impacted and whose data may have been viewed or acted upon. We have identified those customers and already reached out directly by email. We are sharing this interim update, consistent with our values of customer success, integrity, and transparency.
Posted May 24, 2022 - 11:37 CDT
Monitoring
Reported Okta Compromise by Lapsus$ group
Source: BleepingComputer, Reuters
Screenshots of Okta’s support system were leaked out recently via a data extortion group known as Lapsus$. The group claimed to have gained superuser access to Okta’s internal systems. In late January 2022, Okta detected an attempted compromise by one of their third-party support engineers.
The matter was investigated and contained by the third-party vendor. According to Okta “Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”. They also reported that they believe the recent screenshots leaked by the Hacker group were connected to the January event.
Lapsus$ is a relatively new entrant to the crowded ransomware market but already made waves with high-profile hacks and attention-seeking behavior. Earlier hacks include Microsoft, Nvidia, and LG.
Ascend Technologies is aware of the situation. We are closely monitoring user accounts and will respond accordingly if any anomalous activity or signs of compromise are detected. We will continue to monitor the situation and will update you if any new developments occur.