Screenshots of Okta’s internal apps released by Lapsus$

Screenshots of Okta’s internal apps released by Lapsus$

https://www.bleepingcomputer.com/news/security/okta-investigating-claims-of-customer-data-breach-from-lapsus-group/

Exploit: Unauthorized Access
Microsoft: Software Company

risk-to-business-img-r1

Risk to Business: 1.299 = Extreme

Lapsus$ also pulled off another high-profile attack, this time against access management company Okta. Lapsus$ announced that it had breached Okta’s security in January on March 22. Supporting the claim, the group published screenshots related to Okta’s internal apps and systems. This one had a bit of a bumpy acknowledgment process by Okta who originally said no customer data was accessed but later clarified, saying “a small percentage of customers – approximately 2.5% – have potentially been impacted and (their) data may have been viewed or acted upon.” A third-party service provider’s previous breach likely also played a part in the incident. No specifics on the data were given. As we stated above, Lapsus$ is typically involved in ransomware operations but no details of any ransomware activity have been reported.

NOTE: Lapsus$ hackers were allegedly detained by UK police following these incidents.

risk-to-business-img-r1

Individual Impact:

No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Cybercriminals know that service providers are a quick avenue to exploit for vulnerabilities that may allow them to penetrate a bigger company’s security.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


3 Essential Types Of Cybersecurity Your Business Must HaveCLICK HERE!
+ +