Identification-management supplier
Okta Inc.
OKTA -1.76%
mentioned Tuesday {that a} preliminary investigation discovered no proof of any ongoing malicious exercise after hackers posted pictures they mentioned had been of the corporate’s inner programs.
The screenshots almost certainly associated to an earlier safety incident in January, which has already been resolved, the San Francisco-based firm mentioned in an announcement posted in a single day on its web site.
Greater than 15,000 prospects world-wide—together with multinational firms, universities and governments—depend on Okta’s software program to securely handle entry to their programs and confirm customers’ identities, in accordance with a current submitting.
Okta investigated after the hacking group LAPSUS$ posted screenshots on Telegram, an instantaneous messaging service, purporting to point out that it had gained entry to Okta.com’s administrator and different programs. The photographs had been additionally circulated on different boards, together with Twitter.
The group mentioned that it didn’t entry or steal any information from Okta itself and that its focus was on the software program firm’s prospects.
Okta mentioned in its assertion that it believed the shared screenshots had been tied to an try in January to compromise the account of a third-party customer-support engineer working for a subprocessor. It mentioned the matter had been investigated and contained by the subprocessor.
“Based mostly on our investigation to this point, there isn’t any proof of ongoing malicious exercise past the exercise detected in January,” Okta mentioned.
One Okta buyer whose info was included in a screenshot posted by LAPSUS$ was
Cloudflare Inc.,
an internet-infrastructure and safety firm. In a tweet, Cloudflare CEO
Matthew Prince
mentioned the corporate was conscious of the breach declare, however he mentioned there was no proof that its programs had been compromised. Cloudflare mentioned it was resetting the credentials of any workers who had modified their passwords within the earlier 4 months.
“Okta is one layer of safety. Given they could have a problem, we’re evaluating options for that layer,” Mr. Prince wrote earlier than Okta revealed it assertion.
Mr. Prince later wrote that he hadn’t obtained a passable reply to issues over a earlier Okta vulnerability incident found in December. In January, Okta mentioned it was nonetheless investigating that vulnerability, referred to as “Log4Shell,” which involved a Java-based logging utility present in a variety of software program merchandise.
The most recent breach declare places the highlight as soon as extra on LAPSUS$, which says it has efficiently hacked a string of high-profile targets not too long ago. In late February, the group mentioned it stole a terabyte of information from chip firm
Nvidia Corp.
It has additionally claimed duty for a breach at Samsung Electronics Co. Samsung didn’t reply to a request for remark.
In its submit revealing the Nvidia hack, the group mentioned it wasn’t state sponsored and that “we’re not in politics AT ALL.”
An Nvidia spokesman mentioned that worker credentials and a few Nvidia proprietary info had been leaked within the incident however that the corporate had no proof of ransomware being deployed. He mentioned Nvidia didn’t anticipate the incident to have an effect on its skill to serve prospects.
Write to Dan Strumpf at daniel.strumpf@wsj.com and Ben Otto at ben.otto@wsj.com
Copyright ©2022 Dow Jones & Firm, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
Appeared within the March 23, 2022, print version as ‘Okta Says Probe Discovered No Proof of New Breach.’