Connect with us

Hi, what are you looking for?

Tech

Okta Investigates Report of Safety Breach, Says It Finds No Proof of New Assault

Okta Investigates Report of Safety Breach, Says It Finds No Proof of New Assault

Identification-management supplier

Okta Inc.

OKTA -1.76%

mentioned Tuesday {that a} preliminary investigation discovered no proof of any ongoing malicious exercise after hackers posted pictures they mentioned had been of the corporate’s inner programs.

The screenshots almost certainly associated to an earlier safety incident in January, which has already been resolved, the San Francisco-based firm mentioned in an announcement posted in a single day on its web site.

Greater than 15,000 prospects world-wide—together with multinational firms, universities and governments—depend on Okta’s software program to securely handle entry to their programs and confirm customers’ identities, in accordance with a current submitting.

Okta investigated after the hacking group LAPSUS$ posted screenshots on Telegram, an instantaneous messaging service, purporting to point out that it had gained entry to Okta.com’s administrator and different programs. The photographs had been additionally circulated on different boards, together with Twitter.

The group mentioned that it didn’t entry or steal any information from Okta itself and that its focus was on the software program firm’s prospects.

Ransomware assaults are rising in frequency, sufferer losses are skyrocketing, and hackers are shifting their targets. WSJ’s Dustin Volz explains why these assaults are on the rise and what the U.S. can do to struggle them. Picture illustration: Laura Kammermann

Okta mentioned in its assertion that it believed the shared screenshots had been tied to an try in January to compromise the account of a third-party customer-support engineer working for a subprocessor. It mentioned the matter had been investigated and contained by the subprocessor.

“Based mostly on our investigation to this point, there isn’t any proof of ongoing malicious exercise past the exercise detected in January,” Okta mentioned.

One Okta buyer whose info was included in a screenshot posted by LAPSUS$ was

Cloudflare Inc.,

an internet-infrastructure and safety firm. In a tweet, Cloudflare CEO

Matthew Prince

mentioned the corporate was conscious of the breach declare, however he mentioned there was no proof that its programs had been compromised. Cloudflare mentioned it was resetting the credentials of any workers who had modified their passwords within the earlier 4 months.

“Okta is one layer of safety. Given they could have a problem, we’re evaluating options for that layer,” Mr. Prince wrote earlier than Okta revealed it assertion.

Mr. Prince later wrote that he hadn’t obtained a passable reply to issues over a earlier Okta vulnerability incident found in December. In January, Okta mentioned it was nonetheless investigating that vulnerability, referred to as “Log4Shell,” which involved a Java-based logging utility present in a variety of software program merchandise.

The most recent breach declare places the highlight as soon as extra on LAPSUS$, which says it has efficiently hacked a string of high-profile targets not too long ago. In late February, the group mentioned it stole a terabyte of information from chip firm

Nvidia Corp.

It has additionally claimed duty for a breach at Samsung Electronics Co. Samsung didn’t reply to a request for remark.

In its submit revealing the Nvidia hack, the group mentioned it wasn’t state sponsored and that “we’re not in politics AT ALL.”

An Nvidia spokesman mentioned that worker credentials and a few Nvidia proprietary info had been leaked within the incident however that the corporate had no proof of ransomware being deployed. He mentioned Nvidia didn’t anticipate the incident to have an effect on its skill to serve prospects.

Write to Dan Strumpf at daniel.strumpf@wsj.com and Ben Otto at ben.otto@wsj.com

Copyright ©2022 Dow Jones & Firm, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Appeared within the March 23, 2022, print version as ‘Okta Says Probe Discovered No Proof of New Breach.’

You May Also Like

World

France, which has opened its borders to Canadian tourists, is eager to see Canada reopen to the French. The Canadian border remains closed...

Health

Kashechewan First Nation in northern Ontario is experiencing a “deepening state of emergency” as a result of surging COVID-19 cases in the community...

World

The virus that causes COVID-19 could have started spreading in China as early as October 2019, two months before the first case was identified in the central city of Wuhan, a new study...

World

April Ross and Alix Klineman won the first Olympic gold medal for the United States in women’s beach volleyball since 2012 on Friday,...