Okta hack puts thousands of businesses on high alert Business

Thousands of businesses have been put on high alert after hackers hacked into the systems of a company used by millions of employees to log into sensitive corporate networks.

Okta, a US-based identity management company, confirmed that it had been compromised after the Lapsus$ cybercriminal gang shared screenshots of what appeared to be customer data.

Okta is used by over 6,000 companies worldwide. The breach potentially means that criminals can access internal data from one of these companies.

Shares fell 4% in New York, valuing the company at $24.7 billion.

The hack took place after the account of a “third-party customer support engineer” with access to its systems was compromised by Lapsus$ in January, Okta said.

A screenshot shared by Lapsus$ appears to show the login credentials of a software engineer at Cloudflare, the web infrastructure company.

Matthew Prince, chief executive of Cloudfare, tweeted that his company would reset the login credentials of employees who had changed their passwords in the last four months, “out of an abundance of caution”.

Oz Alashe, chief executive of cybersecurity firm CybSafe, said: “The potential attack on Okta is a stark reminder of supply chain cyber risks. Cybercriminals will often identify the path of least resistance.

So-called supply chain attacks have become more popular with cybercriminals in recent years. The technique involves infiltrating the systems of a company that provides critical software to a large number of customers, or provides a high-value target.

In late 2020, the Russian spy agency GRU illegally gained access to SolarWinds, a maker of networking software, gaining access to around 18,000 of its customers.

Lapsus$ has previously been linked to cyberattacks against graphics card maker Nvidia as well as Microsoft, Samsung and game developer Ubisoft.

Its series of cyberattacks against leading tech companies resembles a tactic used by another cybercriminal gang called Cl0p.

Last year, Cl0p abused a software vulnerability in a widely used file transfer device made by Accellion in a similar rampage.

The vulnerability has given criminals a backdoor into businesses in the technology, pharmaceutical, manufacturing, and financial sectors, among others.

More about this article: Read More
This notice was published: 2022-03-22 15:13:08

Leave a Reply

Your email address will not be published. Required fields are marked *