Okta single sign-on platform begins investigation after hack claims

Authentication platform Okta may have been hacked. The company confirms that it has been a victim of ransomware group Lapsus$. There are no details about the hack, but the damage could be extensive. Okta is a platform that offers single sign on services.

Okta does not want to definitively confirm that the hack took place. The hackers would put screenshots on Telegram showing how they are in the internal environment of the company. The screenshots show, among other things, that the attackers would have access to admin accounts that could modify customer accounts. It also appears that the attackers have been in the systems since at least January. According to experts, the hack could have taken place via a seconded employee. The company confirms to Reuters that it ‘heard of the reports’ and that it has now launched an investigation.

The potential damage from the hack would be great. Okta offers a single sign-on platform that is implemented by companies to build login functions. With access to customer data, the attackers could easily break into those companies. It may even have happened because the hackers had access to the network for so long. The attackers say on Telegram that they are mainly interested in Okta’s customers and not in the company itself.

The hack was allegedly carried out by the ransomware group Lapsus$. That is a striking ransomware gang. The group appears to be less professional than many other ransomware groups, but it does have some major hacks to its name. Lapsus$ hacked Nvidia and Samsung, among others, and after those hacks put source code online.