2022-03-22

Okta Potential Data Breach

Level: 
Tactical
  |  Source: 
TheVerge
Technology
Share:

Okta Potential Data Breach

Industry: Technology | Level: Tactical | Source: TheVerge

Anvilogic will be monitoring the developing story of a potential Okta data breach claimed by data extortion group, Lapsus$. Okta is currently investigating the breach. A potential concern of breach is the digital supply chain ramifications.Okta authentication provider is investigating claims of a data breach from data extortion group Lapsus$. The threat group's Telegram channel claims to have access to Okta's systems for two months with "Superuser/Admin" privileges. The group’s focus was mentioned to be “only on Okta customers.” Reported by The Verge, an Okta spokesperson Chris Hollis speculates the breach to be tied to a third-party incident, stating “in late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor.” Chris Hollis did not offer any additional insight as the matter is continuing to be investigated.

  • Anvilogic Use Cases: The team will be developing and communication any new applicable detections
  • Okta Multiple signins from Same IP address
  • Okta Impossible Travel Sign-In
  • Okta: Auth from Suspicious Country
  • Okta: Profile Updated
  • Okta: User Created

Get trending threats published weekly by the Anvilogic team.

Sign Up Now