Tech News

Hackers hit authentication firm Okta, drawing concern across security industry

Distressed Patriotic Flag Unisex T-Shirt - Celebrate Comfort and Country $11.29 USD Get it here>>


OKTA
Okta/via REUTERS

March 22, 2022

By Raphael Satter

WASHINGTON (Reuters) -Okta Inc, whose authentication services are used by companies including Fedex Corp and Moody’s Corp to provide access to their networks, is investigating a digital breach after hackers posted screenshots of what they said was internal information.

The scope of the hack is unknown, but it could have major consequences because thousands of companies rely on San Francisco-based Okta to manage access to their networks and applications.

In a statement, Okta official Chris Hollis said the hack could be related to a previously undisclosed incident in January which he said had since been contained. Okta had detected an attempt to compromise the account of a third-party customer support engineer at the time, said Hollis.

“We believe the screenshots shared online are connected to this January event,” he said. “Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”

Okta shares were down 2.7% at $164.92 in afternoon trading, off earlier lows.

Okta did not disclose whether clients were affected or if so, how many. It said, “We are continuing our investigation and will provide additional information as it becomes available.”

On its website, Okta describes itself as the “identity provider for the internet” and says it has more than 15,000 customers on its platform.

It competes with the likes of Microsoft Corp, PingID, Duo, SecureAuth and IBM to provide identity services such as single sign-on and multi-factor authentication used to help users securely access online applications and websites.

The screenshots were posted by a group of ransom-seeking hackers known as Lapsus$ on their Telegram channel late on Monday. In an accompanying message, the group said its focus was “ONLY on Okta customers.”

‘BE VERY VIGILANT’

Security experts told Reuters the screenshots appeared to be authentic.

“I definitely do believe it is credible,” said independent security researcher Bill Demirkapi, citing pictures of what appeared to be Okta’s internal tickets and its in-house chat on the Slack messaging app.

Dan Tentler, the founder of cybersecurity consultancy Phobos Group, said he too believed the breach was real and urged Okta customers to “be very vigilant right now.”

Lapsus$ is a relatively new entrant to the crowded ransomware market but already made waves with high-profile hacks and attention-seeking behavior.

The group compromised the websites of Portuguese media conglomerate Impresa earlier this year, tweeting the phrase “Lapsus$ is now the new president of Portugal” from one newspaper’s Twitter accounts. The Impresa-owned media outlets described the hack as an assault on press freedom.

Last month the group leaked proprietary information about U.S. chipmaker Nvidia Corp to the Web.

More recently the group has purported to have leaked source code from several big tech firms.

The hackers did not respond to a message left on their Telegram group chat seeking comment.

(Reporting by Raphael Satter in WashingtonAdditional reporting by James Pearson in LondonEditing by Matthew Lewis)





Source link

TruthUSA

I'm TruthUSA, the author behind TruthUSA News Hub located at https://truthusa.us/. With our One Story at a Time," my aim is to provide you with unbiased and comprehensive news coverage. I dive deep into the latest happenings in the US and global events, and bring you objective stories sourced from reputable sources. My goal is to keep you informed and enlightened, ensuring you have access to the truth. Stay tuned to TruthUSA News Hub to discover the reality behind the headlines and gain a well-rounded perspective on the world.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.