May 29, 2022
Trending Tags
Hackers hit authentication firm Okta, customers 'may have been impacted'

Hackers hit authentication firm Okta, customers ‘may have been impacted’

 – Okta Inc OKTA.O, whose authentication providers are utilized by firms together with Fedex Corp FDX.N and Moody’s Corp MCO.N to supply entry to their networks, stated on Tuesday that it had been hit by hackers and that some customers could have been affected.

The scope of the breach continues to be unclear, but it surely may have main penalties as a result of hundreds of firms depend on San Francisco-based Okta to handle entry to their networks and functions. Read full story

Chief Safety Officer David Bradbury stated in a weblog publish {that a} buyer help engineer working for a third-party contractor had his pc accessed by the hackers for a five-day interval in mid-January and that “the potential impact to Okta customers is limited to the access that support engineers have.”

“There are no corrective actions that need to be taken by our customers,” he stated.

However, Bradbury acknowledged that help engineers had been in a position to assist reset passwords and that some customers “may have been impacted.” He stated the corporate was within the means of figuring out and contacting them.

The character of that affect wasn’t clear and Okta didn’t instantly reply to an e mail asking what number of organizations had been probably affected or how that squared with Okta‘s recommendation that customers didn’t have to take corrective motion.

The corporate’s shares had been down 1.3% at $167.14 in late afternoon buying and selling, off earlier lows.

On its web site, Okta describes itself because the “identity provider for the internet” and says it has greater than 15,000 customers on its platform.

It competes with the likes of Microsoft Corp MSFT.O, PingID, Duo, SecureAuth and IBM IBM.N to supply identification providers equivalent to single sign-on and multifactor authentication used to assist customers securely entry on-line functions and web sites.

 

‘BE VERY VIGILANT’

Okta‘s assertion follows the posting of a sequence of screenshots of Okta‘s inner communications by a bunch of ransom-seeking hackers generally known as Lapsus$ on their Telegram channel late on Monday.

In an accompanying message, the group stated its focus was “ONLY on Okta customers.”

Lapsus$ responded to Okta‘s assertion on Tuesday by saying the corporate was attempting to reduce the significance of the breach.

Some outdoors observers weren’t impressed with Okta‘s rationalization both.

“In my opinion, it looks like they’re trying to downplay the attack as much as possible, going as far as directly contradicting themselves in their own statements,” stated Invoice Demirkapi, an unbiased safety researcher.

Dan Tentler, the founding father of cybersecurity consultancy Phobos Group, earlier informed Reuters that Okta customers ought to “be very vigilant right now.”

There have been already indicators that Okta customers had been taking motion to revisit their safety.

Internet infrastructure firm Cloudflare issued a detailed explanation of the way it reacted to the Okta breach and saying the corporate didn’t imagine it had been compromised in consequence.

FedEx stated in a press release that it too was investigating and “we currently have no indication that our environment has been accessed or compromised.” Moody’s didn’t return a message looking for remark.

Lapsus$ is a comparatively new entrant to the crowded ransomware market however has already made waves with high-profile hacks and attention-seeking conduct.

The group compromised the web sites of Portuguese media conglomerate Impresa earlier this yr, tweeting the phrase “Lapsus$ is now the new president of Portugal” from one newspaper’s Twitter accounts. The Impresa-owned media retailers described the hack as an assault on press freedom. Read full story

Final month, the group leaked proprietary details about U.S. chipmaker Nvidia Corp NVDA.O to the Internet. Read full story

Extra not too long ago the group has presupposed to have leaked supply code from a number of huge tech firms, together with Microsoft. In a blog post printed Tuesday and dedicated to Lapsus$, the software program firm confirmed that certainly one of its accounts had been compromised, “gaining limited access.”

The hackers didn’t reply to a message left on their Telegram group chat looking for remark. – Reuters

Source link