Thousands are on high alert after hackers claim they breached authentication app Okta

THOUSANDS of businesses are on high alert after Okta said Tuesday it was investigating a report of a digital breach.

The authentication services provider made the announcement after hackers released screenshots that allegedly showed its internal company environment.

1

A hack at Okta could have dire consequences, as thousands of other companies rely on the San Francisco-based firm to manage access to their own networks and applications.

In a statement, Okta official Chris Hollis said the breach could be related to an earlier incident in January that has been contained.

According to Hollis, Okta had discovered an attempt to compromise the account of a third-party customer service technician at the time.

“We believe the screenshots shared online are related to this January event,” he said.

“Based on our investigation to date, there is no evidence of ongoing malicious activity beyond that detected in January.”

The screenshots were posted on their Telegram channel by a ransom-demand hacker group called LAPSUS$ late Monday

In an accompanying message, the group said its focus is “ONLY on Okta customers.”

told by security experts Reuters The screenshots appeared to be authentic.

“I definitely think it’s credible,” said independent security researcher Bill Demirkapi, citing images of Okta’s internal tickets and internal chat on the Slack messaging app.

Dan Tentler, founder of cybersecurity consultancy Phobos Group, said he too believes the breach is real and urged Okta customers to be “very vigilant at the moment.”

LAPSUS$, which has a strong social media presence on Telegram, focuses on data theft rather than ransomware.

They tend to threaten to reveal the victim’s stolen files if they don’t receive payment.

While they initially appeared to mainly target Portuguese-speaking victims such as Portuguese media company Impresa and the Brazilian Ministry of Health, they have since spread to more companies around the world.

Lapsus$ has targeted other big names in recent months, including Samsung, Nvidia, and Ubisoft.

In February 2022, the group stole a terabyte of data from Nvidia, including confidential information, source code, usernames and passwords.

A few days later, the hackers announced that they had stolen 190 gigabytes of data from Samsung, including information about the Galaxy smartphone’s biometric authentication system.

On March 10th, Ubisoft released a statement confirming that there had been a breach.

It read: “Ubisoft experienced a cybersecurity incident that temporarily disrupted some of our games, systems and services.

“As a precautionary measure, we have initiated a company-wide password reset… There is no evidence that any players’ personal information was accessed or disclosed as a by-product of this incident.”

• Read the latest phone and gadget news
• Stay up to date on Apple stories
• Get the latest on Facebook, WhatsApp and Instagram

We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at tech@the-sun.co.uk