Authentication provider Okta or customer(s) hacked?
A group of attackers calling themselves Lapsus$, and previously responsible for attacks on chip giant NVIDIA, Portuguese media giant Impresa and the Brazilian Ministry of Health, posted screenshots on their Telegram channel showing that they have access to Okta systems. Okta offers solutions for identity and access management. “More than 15,000 global brands entrust Okta with the security of their digital interactions with employees and customers,” the company said on its website. Okta had a turnover of 1.3 billion dollars last year and has 5,000 employees. The company told Reuters that it is aware of the screenshots and has launched an investigation. The company will provide further information when available. The attackers claim that they did not target Okta itself, but the customers of the authentication provider. Security experts are warning Okta customers to be very vigilant.