Who are Lapsus$ and did they hack Okta?
THERE is a new hacking group that has emerged in the past few months
The group called Lapsus$ has targeted a series of high-profile victims, most recently allegedly hacking Okta.
Who are Lapsus$?
The hackers who have a strong social media presence on Telegram, are focused on data theft rather than ransomware.
They tend to threaten to leak the victim’s stolen files unless they receive payment.
While they seemed to target mainly Portuguese-language victims at first such as Portuguese media firm Impresa and Brazil’s health ministry, they have now expanded to more companies across the world.
Did Lapsus$ hack Okta?
On March 22, 2022, Lapsus$ posted screenshots in their Telegram channel allegedly of Okta’s customer data.
It said: “For a service that powers authentication systems to many of the largest corporations (and FEDRAMP approved) I think these security measures are pretty poor[…].”
“Before people start asking, we did not access/steal any databases from Okta — our focus was only on Okta customers.”
But Okta has denied being hacked and revealed they are investigating the claims of a data breach.
They said in a statement: “In late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer working for one of our sub-processors.
“The matter was investigated and contained by the sub-processor.
“We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”
Who have Lapsus$ hacked?
Lapsus$ have targeted other big names over the past few months including Samsung, Nvidia, and Ubisoft.
In February 2022, the group stole one terabyte of data from Nvidia including sensitive information, source code, usernames and passwords.
A few days later the hackers announced they had stolen 190 gigabytes of data from Samsung including information about the Galaxy smartphone biometric authentication system.
On March 10, Ubisoft released a statement confirmed it suffered a breach.
It read: “Last week, Ubisoft experienced a cyber security incident that caused temporary disruption to some of our games, systems, and services.
“As a precautionary measure we initiated a company-wide password reset … There is no evidence any player personal information was accessed or exposed as a by-product of this incident.”
We pay for your stories!
Do you have a story for The US Sun team?
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.