Authentication firm Okta investigates digital breach report

WASHINGTON, March 22 (Reuters) – Documentation services provider Okta Inc (OKTA.O) The company said on Tuesday it was investigating a report of a digital breach, after hackers released screenshots showing what they claimed was the company’s internal environment.

The Okta hack could have serious consequences as thousands of other companies rely on the San Francisco-based company to manage access to their networks and apps.

In a statement, Octa official Chris Hollis said the breach may be related to an earlier incident in January that was contained.

Register now to get free unlimited access to Reuters.com

Hollis said Octa discovered an attempt to hack into the account of a third-party customer support engineer at the time.

“We believe the screenshots shared online are related to the January event,” he said. “Based on our investigation to date, there is no evidence of ongoing malicious activity other than the activity detected in January.”

Screenshots were posted by a group of ransom-seeking hackers known as $LAPSUS$ on their Telegram channel late Monday. In an accompanying message, the group said its focus is on “Okta customers only.”

Security experts told Reuters the photos appeared to be original.

“I definitely think they’re credible,” said independent security researcher Bill Demirkapi, citing images of what appeared to be Okta’s internal tickets and internal chats on the Slack messaging app.

Dan Tentler, founder of cybersecurity consultancy Phobos Group, said he also believed the breach was real and urged Okta customers to be very careful for now.

Raphael Satter reports. Editing by Muralikumar Anantharaman and Clarence Fernandez

Our criteria: Thomson Reuters Trust Principles.

Leave a Reply

Your email address will not be published. Required fields are marked *