Okta confirms hundreds of companies could have been affected in January hack | #computerhacking | #hacking


Okta will give potentially affected customers a report of what the contracting company did on their accounts during the time of the hack in January. Okta said customers do not need to take any “corrective actions.”

“Because of the access that the support engineers had, the information and the actions were constrained,” Bradbury wrote. “While it is not a necessary step for customers, we fully expect they may want to complete their own analysis.”

Hacking group LAPSUS$ posted screenshots of what appeared to be internal Okta systems on Telegram this week, leading to widespread speculation that Okta was breached. Bradbury called the screenshots “embarrassing” for the company.

Hacking groups, which operate almost like companies with their own internal hierarchies and incentives, have popped up around the world in the past several years. These groups have gone after small businesses and large corporations, demanding ransom from victims in order to release data the hackers have locked.

Companies from nearly every industry, including schools, hospitals and even security companies themselves, have been targeted by these attacks.

In a detailed blog post, Bradbury said Okta identified a potential security compromise in January. After an investigation, it found that a hacker had obtained remote access to a contractor’s computer. The hacker appears to have had access for five days.

“So while the attacker never gained access to the Okta service via account takeover, a machine that was logged into Okta was compromised and they were able to obtain screenshots and control the machine through the (remote desktop protocol) session,” Bradbury wrote.

Customer service contractors cannot download customer databases or access source code, he wrote.



Original Source link




Leave a Reply

Your email address will not be published.

+ thirty four = forty four