2022-03-2022: Initial Story: Okta Potential Data Breach

Okta authentication provider is investigating claims of a data breach from data extortion group Lapsus$. The threat group's Telegram channel claims to have access to Okta's systems for two months with "Superuser/Admin" privileges. The group’s focus was mentioned to be on “only on Okta customers.” Reported by The Verge, an Okta spokesperson Chris Hollis speculates the incident to be tied to a third-party incident, stating “In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor.” Chris Hollis did not offer any additional insight as the matter is continuing to be investigated.

‍