Exploit: Unauthorized Access
Microsoft: Software Company
Risk to Business: 1.299 = Extreme
Lapsus$ also pulled off another high-profile attack, this time against access management company Okta. Lapsus$ announced that it had breached Okta’s security in January on March 22. Supporting the claim, the group published screenshots related to Okta’s internal apps and systems. This one had a bit of a bumpy acknowledgment process by Okta who originally said no customer data was accessed but later clarified, saying “a small percentage of customers – approximately 2.5% – have potentially been impacted and (their) data may have been viewed or acted upon.” A third-party service provider’s previous breach likely also played a part in the incident. No specifics on the data were given. As we stated above, Lapsus$ is typically involved in ransomware operations but no details of any ransomware activity have been reported.
NOTE: Lapsus$ hackers were allegedly detained by UK police following these incidents.
Individual Impact:
No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Customers’ Business: Cybercriminals know that service providers are a quick avenue to exploit for vulnerabilities that may allow them to penetrate a bigger company’s security.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.