Lapsus$ Ransomware attack on Okta leads to a data breach


The Lapsus$ hacking group claims that it has had access to the network of Okta, a company offering cloud-based application security software, since January this year. Reports also indicate that the criminal group, which spreads file-encrypting malware, has stolen some critical data from the servers to prove its claims.

The disclosure came when a security engineer named Bill Demirkapi, working for Zoom, revealed the details on Telegram in the evening hours of Monday.

Demirkapi also shared on Telegram some screenshots supporting the data-stealing claims of the Lapsus$ group, adding that the malware-spreading gang had super-access to the entire corporate network. Lapsus$ confirmed this after it pasted some screenshots related to Okta’s internal Slack and Jira instances on its official Telegram channel.

A certain section of the media is speculating that the data breach could have put all 15k customers of Okta at extreme risk, including the company’s premium customers such as Peloton, Cloudflare, Grubhub, T-Mobile, FCC, and Sonos.

On the other hand, Chris Hollis, the official spokesperson of Okta, downplayed the speculation in the media and confirmed that there is no firm evidence to prove the ransomware incident.

The South American Lapsus$ hacking group claims that it has stolen source code related to Bing, Cortana, and some other internal Microsoft projects, along with 37GB of additional stolen source code belonging to 250 other companies... oops, that’s massive!

Note: Since the beginning of this year, Lapsus$ ransomware has targeted servers of big companies like NVIDIA, Ubisoft, and Samsung.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
