The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Some of the images published by the threat actors appear to be related to the company’s customer data.
The message published by the group claims that the gang had Superuser and Admin access to multiple systems of the company.
The company is investigating claims of a data breach which, if confirmed, could pose serious risks to the customers of the company.
“Okta is aware of the reports and is currently investigating,” states a spokesperson for the company. “We will provide updates as more information becomes available.”
Todd McKinnon, CEO at Okta, confirmed that in late January 2022, the company detected an attempt to compromise the account of a third party customer support engineer working for one of its subprocessors.
McKinnon added that there is no evidence of ongoing malicious activity that resulted from the activity detected in January.
A few hours ago, Lapsus$ also leaked data stolen from Microsoft‘s internal Azure DevOps server. The gang leaked an archive containing 37GB of source code allegedly belonging to Microsoft.
Over the last months, the Lapsus$ gang compromised other prominent companies such as NVIDIA, Samsung, Ubisoft, Mercado Libre, and Vodafone.
On Thursday, March 10, the group announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM. Their scope of interests includes – major telecommunications companies such as Claro, Telefonica and AT&T.
Notably, the actors are looking to buy remote VPN access and asking potential insiders to contact them privately via Telegram, they then reward them by paying for the access granted.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, BazarLoader)
[adrotate banner=”5″]
[adrotate banner=”13″]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best…
Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise…
Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…
ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…
Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…
This website uses cookies.
