Okta Tells Customers To Stay On High Alert Following Hacking Incident : Global : Business Times
btimesonline.com

Okta Tells Customers To Stay On High Alert Following Hacking Incident

By Charleston Lim
March 23, 2022 03:29 pm
Okta Chief Security Officer David Bradbury said its ability to authenticate logins is still secure and was unaffected by the incident. (Photo : Christiaan Colen/flickr(https://creativecommons.org/licenses/by-sa/2.0/))

Online authentication security service provider Okta has warned all of its more than 15,000 customers to stay on high alert after hackers had managed to gain access to a laptop owned by one of its support engineers. The company said Tuesday that the hacker had access to the laptop for five days in January.

Okta clarified that its systems were not breached and remain secure and fully operational. Okta Chief Security Officer David Bradbury said its ability to authenticate logins is still secure and was unaffected by the incident.

Bradbury explained that the impact of the incident on customers is limited to those that its engineer had access to. He added that support engineers could facilitate the resetting of passwords and multi-factor authentication details, but they are unable to see the actual changes made.

The company's announcement comes only hours after Okta said that it was looking into claims of a suspected data breach. The announcement was made after a hacker group known as Lapsus$ claimed credit for the attack and published screenshots indicating that they had access to an Okta internal administrative account and the firm's Slack channel.

On the messaging app Telegram, Lapsus$ claimed that it did not steal any databases from Okta itself but that its focus was on the company's customers. Okta CEO Todd McKinnon said Tuesday morning that the company believes the group is involved in the latest attack.

The hacking group claimed in December that it was able to gain access to sensitive data from several high-profile Okta customers. Cybersecurity experts said the group has mostly been targeting corporations in Latin America, indicating that they may be based in the region.

Not a lot is known about the group, and they have not operated like other hacking groups in the past. Cybersecurity company Digital Shadows said the hackers had not used ransomware, and there is no evidence that they have tried to extort any of their victims. Digital Shadows said the group has also been recruiting rogue personnel at different companies to help them gain access to their systems. On Telegram, Lapsus$ claims that it is not state-sponsored and that its operations are not motivated by money.

Okta said it would be conducting a full investigation into the incident, and it would be actively contacting customers that may be affected. The company's stock plunged by more than 8% after it confirmed the hacking incident, but much of the losses were regained during the rest of the day.

TagsOksta, cybersecurity, online security, global, Authentication security, data security, company, Hacking Incident

© 2023 Business Times All rights reserved. Do not reproduce without permission.
Loading ...

Most Popular

  1. 1 Kelly Clarkson Allegedly Feels Betrayed By Blake Shelton And Distances Herself After Family Wedding Drama
  2. 2 Muted Market Reaction as Hong Kong Gears Up for Spot Crypto ETF Listings
  3. 3 Hunter Biden's Legal Team Threatens Fox News with Imminent Lawsuit Over Alleged Defamation and 'Revenge Porn'
  4. 4 Three U.S. Marshal Task Force Officers Killed, Multiple CMPD Officers Wounded in Charlotte Shootout
  5. 5 NHTSA Launches Investigation into Ford's BlueCruise Technology Following Two Fatal Crashes
  6. 6 Bob Bakish to Step Down as Paramount Global CEO, Trio to Lead Amid Merger Speculations
  7. 7 Prince Andrew and Sarah Ferguson's Marriage to be Examined in New Book by Royal Biographer Andrew Lownie
© Copyright 2024 Business Times rights reserved.
About Us Contact Us Privacy Policy Terms&Conditions