The identity management company Okta Inc. (NASDAQ: OKTA) is pushing back at claims by the hacker group Lapsus$ that it infiltrated the company’s systems and vacuumed up its confidential data.
What Happened: Lapsus$ posted screenshots to its Telegram channel on Monday evening insisting that it was able to gain entry to several of Okta’s systems.
“For a service that powers authentication systems to many of the largest corporations … I think these security measures are pretty poor,” Lapsus$ declared to its Telegram followers.
Okta CEO Todd McKinnon disputed the hackers’ evidence on his Twitter (NYSE: TWTR) page.
“In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors,” McKinnon tweeted.
“The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”
The alleged Okta hack marks the second time this week that Lapsus$ claimed to infiltrate a major tech company. On Sunday, the group posted a data screenshot on Telegram that it identified as coming from Azure, the cloud computing division of Microsoft (NASDAQ: MSFT); Microsoft did not confirm that a hack occurred and said it was investigating the claim.
See Also: ‘I Say Something, And Then It Usually Happens’: 20 Indelible Quotes From Elon Musk
Why It Happened: Lapsus$ began to make itself known in December via Telegram, boasting of its ability to hack into the systems at major corporations including NVIDIA Corp (NASDAQ: NVDA), Samsung Electronics Co Ltd (OTC: SSNLF), Vodafone Group PLC (NASDAQ: VOD), Ubisoft Entertainment (OTC: UBSFY) and MercadoLibre Inc (NASDAQ: MELI).
While some media reports have pegged Lapsus$ as a ransomware operation, they have yet to engage in a system lockdown typical of a ransomware attack. In the case of Okta, Lapsus$ claimed it did not pilfer data but instead was able to access to the 15,000 organizations in its client lineup.
“Remember: The only goal is money, our reasons are not political,” Lapsus$ declared in December on Telegram.
Photo: Pete Linforth/Pixabay.
© 2022 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.