Tech

Okta says hundreds of his customers may have been caught hacking

HANGKONG— Act Inc.,

OKTA -9.53%

one of the world’s leading providers of digital identity verification, said the January data breach uncovered by hackers this week could affect hundreds of customers relying on its software to manage secure access to their internal computer networks.

Okta said the attack affected 366 customers, or 2.5% of the more than 15,000 businesses and institutions it serves around the world. The hacking, claimed by the Lapsus $ group, came from a laptop of an engineer hired by a subcontractor to which hackers had access between January 16 and 21, Okta reported on Tuesday.

Okta said it contacted customers who were potentially affected. Shares of Okta fell 9.2% to $ 151.12 in the morning trading.

Reports of the hack came earlier this week after Lapsus $ posted screenshots of Okta’s internal systems on its Telegram social media account. The group said its main goal was not Okta but its customers.

In separate statements Tuesday, Okta said the screenshots were from a computer used by a support engineer from the Sitel Group subcontractor’s Miami unit. Taking control of the computer effectively gave hackers the same level of access as the engineer, according to Okta.

Support engineers can only access limited data, and while they can help reset passwords and multi-factor authentication factors, they can’t see the passwords themselves, Octa said. The engineer did not have “godlike access” and had no right to create or delete user accounts, download customer databases, or access source code repositories.

“Here the scenario is similar to leaving a computer in a coffee shop when a stranger (almost in this case) sat behind your car and uses a mouse and keyboard.”

Okta said it reported the violation to Sitel in late January, and Sitel has hired an outside law firm to investigate. The full results of the investigation were summarized from Okta on Tuesday, he said, expressing disappointment at the time needed to release the results.

A division of Sitel, where the break-in took place, in Tampa, Florida, Sykes Enterprises Inc., said it had taken prompt action to contain the incident after learning of the break-in. “After completing the initial investigation, working in partnership with a world leader in cybersecurity, we continue to investigate and assess the potential security risks for both our infrastructure and the brands we support around the world,” Sykes said in a statement on Tuesday. .

«“Here the scenario is similar to leaving a computer in a coffee shop when a stranger (almost in this case) sat behind your car and uses a mouse and keyboard.”


– Act

In a subsequent report in the Telegram Lapsus $ challenged some of Okta’s findings. He denied that he had compromised the laptop, and said support engineers had more access than Okta offered, including to internal communications. He also questioned Okta’s assertion that the impact of the breach on customers was limited. The ability to reset passwords and multi-factor authentication factors will “completely compromise the systems of many customers,” Lapsus $ said.

Asked about the hackers’ claims, Okta’s spokesman referred to an earlier statement by the company, which described the restrictions on hacking.

In a blog post Tuesday, Microsoft Corp.

confirmed that he had been hacked by the group and that for several weeks had been tracking what she described as a large-scale Lapsus $ campaign against several organizations. He described the group as often acting openly and not trying to hide their tracks using extortion and data destruction.

As you know, after gaining access to the organization, the group listened to crisis calls and internal messaging forums, Microsoft said.

The group, which speaks to Telegram in Portuguese and broken English, cut its teeth with attacks in Brazil, Portugal and the UK before expanding to target some of the world’s largest and most prestigious companies. In recent weeks, Lapsus $ has taken credit for hacking Apple Inc.,

Samsung Electronics The company

and Nvidia Corp.

It also seized individual accounts on cryptocurrency exchanges and depleted users ’holdings.

Write Dan Strumpf at daniel.strumpf@wsj.com

Copyright © 2022 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8

Okta says hundreds of his customers may have been caught hacking

Source link Okta says hundreds of his customers may have been caught hacking

Back to top button