Attack on Okta: Data From A Limited Number of Customers May Have Been Seen After All

Attack on Okta: Data From A Limited Number of Customers May Have Been Seen After All

During the attack on the Okta authentication platform, the perpetrators may have seen customer data. This concerns data from about 2.5 percent of Okta’s customers. The company has since informed them.

 

Okta reports this in an update on the recent cyber attack. The attack group Lapsus$ recently claimed to have struck at Okta. In January, Chief Security Officer (CSO) David Bradbury previously reported that Okta had detected “a failed attempt” to hack into a support engineer’s account. Measures were then taken, and further investigations were conducted into the attack attempt.

That investigation showed that an attacker did have access to the laptop of a support engineer in the period from January 16 to 21, 2022. This matches a screenshot Lapsus$ shared on Telegram. However, Bradbury stated at the time that “the potential impact on Okta customers was limited by the access rights that support engineers have.”

The engineers would not be able to create or delete users nor to download customer databases. They can reset user passwords and multifactor authentications, but they don’t have access to the passwords themselves.

But that now turns out to be a bit too optimistic, because in a new blog post, the CSO writes the following: ‘After a thorough analysis, we concluded that the data of a small part of the customers, about 2.5 percent, may have been looked at or used. So we identified those customers and contacted them by email.”

Leave a Reply

Toshiba Wants to be Bought Previous post Toshiba Not Allowed to Split from Shareholders
Still 160,000 People Stuck in Mariupol, Mayor Wants Evacuation Next post Still 160,000 People Stuck in Mariupol, Mayor Wants Evacuation