Who are they and why are they so important?

LAPSUS $ He continues to haggle Big Tech with theft and threaten to leak sensitive information. nvidiaAnd the MicrosoftAnd the SamsungOr Mercado Libre or Ubisoft are some of the companies that have confirmed that they have been attacked by the aforementioned Latin American hacker group, confirming that they accessed the data through the credentials of the workers. octaLAPSUS$, a company dedicated to providing employee identification services to other companies, was also hacked by LAPSUS$, although the US company initially denied it.

The Hacking Okta by LAPSUS $In fact, it was implemented in January 2022, according to the data provided by the hacker group, who shared a series of screenshots on their Telegram account that revealed access to the company’s services.

However, the American company He initially asserted that his services had not been violatedalthough it confirmed that the attacker had access to a support engineer’s laptop on January 16 and 21, 2022. “Okta’s service has not been hacked and is still fully operational. There are no corrective actions to be taken for our customers,” David Bradbury said, Okta security officer. In a statement.

Bradbury also stated that these types of employees cannot “create or delete users”. They also do not “download customer databases” and therefore cannot access those passwords that LAPSUS$ claimed to have.

“The potential impact of Okta’s customers is limited to access support engineers. Support engineers cannot create or delete users, or download customer databases. Support engineers have access to limited data, for example, Jira tickets and user lists, which is seen in the screenshots.” Support engineers can also facilitate password resets and multi-factor authentication for users, but they cannot obtain those passwords.”

LAPSUS$ didn’t take long to respond to these statements via its Telegram channel, claiming that Octa was lying in your statement. The hacking team claimed they had “super user/administrator” access to Okta.com and “various other systems”. All this for several months and not just in five days as the company claims.

Meanwhile, Okta took 8 hours to update your statement Additional information about the hack. They confirmed – Now yes – who committed Data of a large part of its customers. “After extensive analysis of these allegations, we have determined that a small percentage of customers, around 2.5%, have been affected and their data may have been viewed or acted upon,” Bradbury says.

Okta’s $LAPSUS hack doesn’t just affect the credential management company

But why is this hack so dangerous? How is it different from the data theft suffered by companies like Microsoft or Nvidia? Okta isn’t as well known as the one hacked by $LAPSUS yet, but it’s really important, because it’s a company dedicated to managing access credentials.

Many companies use Okta’s services to manage, protect and simplify access for their employees On the different platforms they work with on a daily basis. So this company stores important information for its partners. And now, at least in part, that information is in the hands of LAPSUS$.

According to Okta, the percentage of affected customers is 2.5%. Although this is, in the words of Okta, a “small percentage”, it equates to about 400 companiesAccording to estimates The Wall Street Journal, which assures that the company has more than 15,000 customers around the world. It’s not clear which companies will be affected, but Okta’s portfolio includes majors such as Sonos, Moody’s, Nasdaq, FedEx or T-Mobile.

See also  The Nuclear Power Plants Authority in Egypt sets the timing of operating El-Dabaa at its full capacity

Leave a Reply

Your email address will not be published.