Dive Brief:
- Okta found no evidence of an ongoing security incident, the company said Tuesday, following claims that the extortion group Lapsus$ breached the identity and access management firm.
- The company believes screenshots connected with the breach claim are related to a January security incident where Okta "detected an attempt to compromise the account of a third-party customer support engineer working for one of our sub-processors," the company said in a statement. A sub-processor investigated and contained the January incident.
- The hacking group Lapsus$ has also claimed responsibility for alleged breaches at Nvidia in February and Microsoft on Monday. The group claimed to have accessed source code for Bing, Bing Maps and Cortana, according to screenshots from the group's official Telegram channel posted on Twitter by research group vx-underground, which shares malware source code and samples. A Microsoft spokesperson said that "we are aware of the claims and are investigating."
Dive Insight:
Okta has more than 15,000 customers and partners, including the three biggest cloud service providers, Amazon Web Services, Microsoft and Google Cloud, the company said in a year-end filing with the Securities and Exchange Commission.
An Okta spokesperson said it is continuing its investigation and will provide more information as it becomes available.
The company was one of many caught by the Log4j vulnerability, which impacted customer agent products, the company said in a December statement. Okta deployed mitigations and patches for components of its identity service that used Log4j shortly after initial disclosure and continued to track subsequently disclosed vulnerabilities associated with the Java-based logging utility.
The Lapsus$ breach claims sent a number of companies rushing to respond. The group on Telegram shared claims of breaches and leaks at Samsung, LG Electronics and Microsoft, according to screenshots shared by vx-underground.
Inquiries to Samsung and LG were not immediately returned.
The group also claimed responsibility for the Nvidia breach in February. Following the breach, which resulted in a data leak and credential theft, Nvidia took steps to shore up security, hired incident response experts and notified law enforcement.
"We have no evidence of ransomware being deployed on the Nvidia environment or that this is related to the Russia-Ukraine conflict," a spokesperson said in a statement.