CyberNews Briefs

Okta says Lapsus$ breach hit just two customers

Cloud software company Okta has confirmed that a cybersecurity incident that occurred in January had a much smaller impact than anticipated. The attackers were allegedly able to access the laptop of a third-party customer support engineer. The attack impacted just two other active customer tenants and lasted a total of 25 minutes, according to Okta’s investigation into the matter. The hacking group Lapsus$ is believed to be responsible for the attack, in which threat actors gained access to a laptop belonging to a Sitel customer support engineer.

The incident occurred on January 21 and was revealed on March 22, when Lapsus$ posted screenshots of Okta’s systems. The forensic investigation that followed reported that the hacking group had control of one single workstation, through which they accessed two active customer tenants and viewed information in applications such as Slack and Jira. Lapsus$ was unable to perform any configuration changes successfully, such as password resets or MFA.

Read More: Okta says Lapsus$ breach hit just two customers

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.