Hundreds of companies that can be affected by Okta hacking
Hundreds of organizations that rely on Octa to gain access to their networks can be affected by cyber attacks in society.
Okta said it was a “worst case scenario” in which 366 of its customers were affected and their “data could be displayed or reported”: their reporting share fell by 9%.
He said he has more than 15,000 customers, from large companies like FedEx to small organizations like Thanet District Council in Kent.
Cyber access to the Lapsus $ hack.
According to Checkpoint Ekram Ahmed, the ransomware group is “a formidable player in South America who has recently been involved in cyber attacks against some key targets.” “The cyber gang is known for blackmail and threats to release sensitive information if the victims’ demands are not met,” he said.
The group has previously claimed to have infiltrated several large companies, including Microsoft.
He said in a blog post that Lapsus $ gained limited access after the account was compromised but no code or customer data was included.
cause fear
Okta originally stated that the January attack involved an external contractor, a “sub-processor” and that “the case is being investigated and collected”.
“There is no evidence of sustained harmful activity outside of the activity recorded in January,” he said. However, with growing concern, Okta has published a number of updated blog posts with many details.
Security Director David Bradbury revealed that the hackers had five days to gain access to a computer owned by a customer service technician working on a sub-processor.
The attack “is when you leave your computer in a cafe where a stranger is sitting in front of your computer, in this case almost with a mouse and keyboard,” he said.
However, the engineer’s computer did not provide a “sacred approach”, hackers were prevented from doing what they could, Okta itself was not compromised and remained fully usable.
“There are no drugs that our customers have to take,” Bradbury added. “Other supervision”
The contractor who hired the engineer, Sykes, part of the Sitel group, said he was “sure there was no longer a security risk.”
However, in collaboration with non-cybersecurity experts, it will “continue to explore and assess the potential security risks to our infrastructure and the markets we support around the world.”
Lapsus $ states that it has not set up an “Octa database” for its online reporting and is only targeting its customers.
None of Okta’s customers reported problems, but Ahmed insisted on “special cyber security and surveillance procedures.”
“The source of the cyberbullying should be released in the coming days,” he added. a lot of use
One Okta customer, Cloudflare, said in a blog post that he did not think he would be compromised.
FedEx told Reuters that “there is no indication that our environment may be exposed or threatened.”
Thanet, who uses Octa to simplify the way employees manage and log in to multiple applications, told BBC News that the attack “did not jeopardize the security of the council’s data,” but “the situation will continue.” solve and check ”.
The National Cyber Security Center says it has “found no evidence of influence in the UK”.