The company is currently investigating the claims made by the Lapsus$ cybercrime group. The firm has previously been linked to attacks on other companies‚ including Nvidia‚ Siemens‚ and Vodafone. In the latest case‚ Microsoft has been listed as a victim. The company said that it is looking into the attacks on its cloud platform‚ the Microsoft Azure. Although the Lapsus$ group has not yet demanded a ransom‚ it is taking precautionary measures to protect its customers from potential attack. The group claims to have breached Okta's systems and stolen data. Although it has no evidence of malicious activity‚ Lapsus$ has claimed to have gained access to Okta customer accounts and has posted screenshots of the attack. The group claims to have hacked the company's systems by gaining admin and superuser accounts. The company has not released any further information. A number of companies have responded to the attack by taking precautions. While the company's chief executive Todd McKinnon confirmed that the attack was caused by a supply chain‚ he questioned how it could be prevented. He said that the group was attempting to compromise the account of a subprocessor‚ but did not make the necessary changes. It is too early to speculate‚ but the company should do everything it can to secure its system as quickly as possible‚ he added. The Lapsus$ group's alleged attacks are a major breach of the company's security. The company has taken down a large portion of its customers' accounts in the last year‚ and a large portion of its users have been affected by the breach. The group has also been linked to multiple other ransom attacks‚ including the Okta supply chain attack. This means that the organization must have had access to these systems in order to launch its cyberattacks. The company says that there is no evidence of malicious activity on its part‚ but the screenshots of the account are dated Jan. 21‚ 2022. It says that the Lapsus$ group has accessed the systems of its customers for more than two months. This attack may have been the result of a hacker's unauthorized access to its databases. Its cybercrime claim has led to the disclosure of a number of competitive secrets. The group also posted screenshots of its internal systems. The group claims to have gained access to Okta's internal systems. The hackers reportedly stole 40GB of data from Microsoft. However‚ the hacking group has failed to publicly acknowledge the breach‚ but it has not confirmed the attack. The company is investigating the matter‚ but the hackers' actions remain an ongoing threat to businesses.
The hacker has not yet claimed responsibility‚ but the company is investigating the claims. The Lapsus$ group posted screenshots of its internal systems and a large amount of purportedly stolen data from Microsoft. The gang also claims to have gained access to administrative and superuser accounts on Okta. Some of the files included in the malware are downloadable. This attack may also have been a case of false-ware because the attackers were targeting other organizations. The Lapsus$ group claims that it broke into Okta's systems in January. In fact‚ the security firm said it detected a hacker's attempt to compromise a subprocessor account and then blocked the attacker's access to the network. The attack exposed Samsung's competitive secrets and left the company open to future compromise. The gang is currently investigating whether any of the claims are true. The hackers claim to have access to the accounts of Okta customers. The attackers have gained the access to these accounts by compromising Okta's security systems. They also obtained the passwords of other accounts and accessed their information. The group has claimed to have a large database that contains passwords. Moreover‚ the attackers have not targeted the servers of their customers.
This is our 3rd attempt at sharing the 5th - 8th photo. LAPSUS$ displayed a lot of sensitive information and/or user information, so much so we end up missing to censor some.
Photos 5 - 8 attached below. pic.twitter.com/KGlI3TlCqT — vx-underground (@vxunderground) March 22, 2022
LAPSUS$ extortion group has released source code to Bing, Bing Maps, and Microsoft Cortana.
They state that each release is incomplete (not the entire source code). — vx-underground (@vxunderground) March 22, 2022
The LAPSUS$ ransomware group has claimed to breach Okta sharing the following images from internal systems. pic.twitter.com/eTtpgRzer7 — Bill Demirkapi (@BillDemirkapi) March 22, 2022
We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January. (2 of 2) — Todd McKinnon (@toddmckinnon) March 22, 2022
We are resetting the @Okta credentials of any employees who’ve changed their passwords in the last 4 months, out of abundance of caution. We’ve confirmed no compromise. Okta is one layer of security. Given they may have an issue we’re evaluating alternatives for that layer. — Matthew Prince 🌥 (@eastdakota) March 22, 2022