Microsoft Hacker LAPSUS$ Attacks Okta Customers
Digital security authentication firm Okta are the latest to confirm a cyberattack from hacker group Lapsus$.
An investigation showed that a hacker gained access to a Okta support team member’s laptop for a five-day period.
Okta’s customers include major global players such as Fed Ex, the FCC, and T-Mobile.
“After a thorough analysis of these claims, we have concluded that a small percentage of customers – approximately 2.5 per cent – have potentially been impacted and whose data may have been viewed or acted upon,” Okta confirmed.
The company also downplayed the access gained, saying: “The scenario here is analogous to walking away from your computer at a coffee shop, whereby a stranger has (virtually in this case) sat down at your machine and is using the mouse and keyboard.”
Okta said the hacker’s powers “weren’t godlike” and they couldn’t reset passwords and multifactor authentication factors, create or delete accounts, download customer logs, or access source code.