Authentication security seller Okta is investigating promises by a prolific ransomware group that it had admin entry to its again-conclusion programs for months, most likely enabling it to target a vary of huge-name providers.
The Lapsus team has in latest weeks exposed breaches of huge brand tech corporations including Nvidia, Samsung, Ubisoft and Vodafone. This week, the most current emerged as Microsoft following the group claimed to have leaked 37GB of the tech giant’s resource code on line.
Fears are now emerging that it was the group’s compromise of multi-factor authentication professional Okta that enabled it to obtain so numerous tech firms more than these kinds of a brief period of time.

Protect and backup your data using AOMEI Backupper. AOMEI Backupper take secure and enxrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized seller: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
Lapsus screenshots reshared on Twitter indicate that the team experienced “superuser” or admin entry to Okta.com.
“For a services that powers authentication units to lots of of the greatest corporations (and FedRAMP accredited) I think these security actions are quite bad,” it wrote. “Before persons commence asking: we did not obtain/steal any databases from Okta – our concentration was only on Okta customers.”
Alongside superuser rights, the group’s screenshots purportedly demonstrate that they experienced access to Okta’s AWS, Jira, Confluence, Zoom, Salesforce, Splunk, Google Workspace and other inside enterprise accounts.
One particular of them is dated 21 January 2022, indicating that Lapsus had been energetic within the firm for at least two months. It could be that it is publicizing the reality now because its accessibility rights have ultimately been revoked.
The intel also implies that it was a contractor’s account that was initially compromised, enabling the ransomware actors to infiltrate Okta’s network and finally focus on its buyers.
Lapsus posted the Microsoft leak to its Telegram channel on Sunday, demonstrating that it managed to compromise an Azure DevOps server that contains resource code for Bing, Cortana and other projects.
Some sections of this report are sourced from:
www.infosecurity-magazine.com