Today, the Lapsus$ gang has posted a few screenshots in its Telegram group, pertaining to Okta.com. While the gang claims to have accessed through an admin account, Okta said it’s investigating the incident and will supply more updates when known.

Okta.com Breached

With over 5,000 employees and more than $6 billion market value, Okta is one of the leading services offering authentication services and Identity and access management (IAM) solutions to several big corporations. A few of the notable clients in its pocket include Siemens, ITV, Pret a Manger, Starling Bank, etc. While it’s trusted to provide reliable security solutions, it’s unfortunate that Okta is now strangled with a data breach issue. Also Read- Microsoft is Investigating Alleged Source Code Leak by Lapsus$ Gang On Tuesday morning, an infamous cybercrime group called Lapsus$ started claiming a breach into Okta.com, where it accessed the platform’s customer data through a “superuser/admin” account. To make this more authentic, the gang posted screenshots indicating the files belonging to Okta.

— Todd McKinnon (@toddmckinnon) March 22, 2022 And one among them stated the date as of January 21st, 2022, making us think the data breach may have happened months earlier. While it didn’t share any of the claimed data, Okta responded to these claims by saying to BleepingComputer as; “Okta is aware of the reports and is currently investigating. We will provide updates as more information becomes available.” While we await confirmation, the Lapsus$ gang has leaked 37GB of stolen source code belonging to Microsoft! This data specifically belong to Bing, Cortana, and other Microsoft projects. Microsoft has yesterday stated it’s investigating the claims after reports of the Azure DevOps breach started surfacing online. Also, there’s yet another claim of breaching LG Electronics for the second time in a year made by Lapsus$.

Lapsus  Gang Claims to Have Breached Okta Authentication Platform - 75