Authentication firm Okta probes report of digital breach
Add BT as a preferred source[WASHINGTON] Authentication services provider Okta is investigating a report of a digital breach, the company said on Tuesday (Mar 22), after hackers posted screenshots showing what they claimed was its internal company environment.
A hack at Okta could have major consequences because thousands of other companies rely on the San Francisco-based firm to manage access to their own networks and applications.
The company was aware of the reports and was investigating, Okta official Chris Hollis said in a brief statement.
"We will provide updates as more information becomes available," he added.
The screenshots were posted by a group of ransom-seeking hackers known as LAPSUS$ on their Telegram channel late on Monday. In an accompanying message, the group said its focus was "only on Okta customers."
Security experts told Reuters the screenshots appeared to be authentic.
Navigate Asia in
a new global order
Get the insights delivered to your inbox.
"I definitely do believe it is credible," said independent security researcher Bill Demirkapi, citing pictures of what appeared to be Okta's internal tickets and its in-house chat on the Slack messaging app.
Dan Tentler, the founder of cybersecurity consultancy Phobos Group, said he too believed the breach was real and urged Okta customers to be "very vigilant right now."
In an email, Tentler added, "There are timestamps and dates visible in the screenshots indicating Jan 21 of this year, which suggests they may have had access for 2 months." REUTERS
Decoding Asia newsletter: your guide to navigating Asia in a new global order. Sign up here to get Decoding Asia newsletter. Delivered to your inbox. Free.
Share with us your feedback on BT's products and services
