• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
okta says security breach by lapsus$ hackers impacted only two

Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers

You are here: Home / General Cyber Security News / Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers
April 20, 2022

Identity and entry management company Okta on Tuesday mentioned it concluded its probe into the breach of a third-party seller in late January 2022 by the LAPSUS$ extortionist gang.

Stating that the “impression of the incident was drastically considerably less than the optimum likely impact” the corporation experienced earlier shared past month, Okta explained the intrusion impacted only two buyer tenants, down from 366 as was originally assumed.

CyberSecurity

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The security occasion took place on January 21 when the LAPSUS$ hacking team received unauthorized distant entry to a workstation belonging to a Sitel aid engineer. But it only turned public know-how nearly two months afterwards when the adversary posted screenshots of Okta’s internal methods on their Telegram channel.

In addition to accessing two active buyer tenants in the SuperUser application — utilised to perform basic management capabilities — the hacker team is claimed to have viewed confined supplemental data in other purposes like Slack and Jira, corroborating prior stories.

“Command lasted for 25 consecutive minutes on January 21, 2022,” David Bradbury, Okta’s chief security officer, reported. “The threat actor was not able to productively execute any configuration changes, MFA or password resets, or shopper guidance ‘impersonation’ situations.”

CyberSecurity

“The risk actor was not able to authenticate straight to any Okta accounts,” Bradbury additional.

Okta, which has confronted criticism for its delayed disclosure and its managing of the incident, said it has terminated its marriage with Sitel and that it is really building improvements to its client support tool to “restrictively restrict what data a specialized assist engineer can see.”

Observed this post intriguing? Abide by THN on Facebook, Twitter  and LinkedIn to study more special articles we post.


Some components of this article are sourced from:
thehackernews.com

Previous Post: «hackers exploiting recently reported windows print spooler vulnerability in the Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild
Next Post: Global Dwell Time Drops but EMEA Lags Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
  • WhatsApp Unveils Proxy Support to Tackle Internet Censorship
  • Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
  • Blind Eagle Hacking Group Targets South America With New Tools
  • US Family Planning Non-Profit MFHS Confirms Ransomware Attack
  • Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
  • Dridex Malware Now Attacking macOS Systems with Novel Infection Method
  • Cyber attacks on UK organisations surged 77% in 2022, new research finds
  • WhatsApp to combat internet blackouts with proxy server support
  • The IT Pro Podcast: Going passwordless

Copyright © TheCyberSecurity.News, All Rights Reserved.