Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Okta Claims Only 2.5% Customers Were Impacted by Lapsus$ Group Hack

Okta, an enterprise identity and access management company, has published an extensive update about the recent cyberattack by the LapsuS$ hacking group. The company confirmed that around 2.5 percent of its customers were affected by this security incident.

The investigations revealed that the threat actors managed to gain access to the laptop of a third-party support engineer via remote desktop protocol (RDP) for five days in mid-January. The account of the impacted customer support engineer was suspended immediately to prevent any further damage.

Okta acknowledged that the third-party support engineers could help users reset their passwords, and some of them may have been affected by this incident. However, the company explained that the consequences of this hacked account for Okta customers remain limited since third-party support engineers don’t have wide access to customer data.

“The potential impact to Okta customers is limited to the access that support engineers have. These engineers are unable to create or delete users, or download customer databases. Support engineers do have access to limited data — for example, Jira tickets and lists of users — that were seen in the screenshots. Support engineers are also able to facilitate the resetting of passwords and multi-factor authentication factors for users, but are unable to obtain those passwords,” explained David Bradbury, Chief Security Officer at Okta.

Okta plans to notify its customers impacted by the Lapsus$ hack

Okta is currently investigating this incident and trying to identify all impacted customers. The company noted that the Lapsus$ hack didn’t impact HIPAA, Auth0, and FedRAMP customers. It is important to note that Lapsus$ has been involved in hacking different high-profile companies in recent weeks, including Samsung, NVIDIA, and Ubisoft.

Microsoft, which is a big competitor to Otka with Azure Active Directory, has also been hacked by the same group earlier this week and claimed that LapsuS$ hackers only had “limited access” to its source code. The Redmond giant has recommended its customers to use trusted endpoints, implement secure Multifactor Authentication mechanisms, and leverage modern VPN authentication techniques.

by Rabia Noureen
Mar 24, 2022

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

Petri.com’s New Active Directory Outage and Disaster Recovery Survey

Feb 15, 2024
Apr 16, 2024
Get-ADComputer: The PowerShell Command for Managing Active Directory Computers

Nov 15, 2023
Essential Guide to Mastering Get-ADGroupMember (AD User Management)

Oct 12, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.