Lapsus$ hackers did not use passwords contained in a spreadsheet when attacking login provider Okta. So says Sitel, the parent company of service provider Sykes that was hacked as a supplier by Lapsus$.
Sitel Group says in a statement that there were no passwords in a spreadsheet. Earlier this week wrote TechCrunch based on documents that the Lapsus$ hackers found a spreadsheet called DomAdmins-LastPass.xlsx during a break-in. Although TechCrunch did not confirm that it contained passwords, many readers did link the find to the hack. The hackers allegedly found the spreadsheet on Okta five hours before the break-in, implying that the spreadsheet did indeed contain an export of domain admin passwords.
Sitel declined to comment on that news for TechCrunch on Tuesday. Now the company says the news is false. “This spreadsheet contained account names, but no passwords,” the company wrote. “The only reference to passwords in the spreadsheet was the date passwords were changed per account.” The company also says the situation “didn’t contribute to the hack.”
Earlier this month, hacker group Lapsus$ was found to have gained access to internal systems of login provider Okta. This was done through Sykes, a customer service company that is part of Sitel Group. It is still not clear how the hackers got into Sykes and how they then made it to Okta via Sykes.