Okta Inc. said it is investigating a potential digital breach of its software that lets businesses authenticate the identity of their customers and employees, sending company shares down as much as 8%.
“In late January 2022, Okta
detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors,” the company said in a blog post Tuesday. “The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”
Hacking group Lapsus$ has claimed responsibility for the breach and published screenshots claiming access to an Okta internal administrative account and the firm’s Slack channel. However, the shadowy group also said on the messaging app Telegram it did not steal any databases from Okta, and “our focus was ONLY on Okta customers.” [According to its website, Okta says it has more than 15,000 customers.]
Early Tuesday, Okta Chief Executive Todd McKinnon tweeted that the company believes those screenshots are related to a security incident in January that was contained.
“In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors,” McKinnon tweeted, referring to a subcontractor that works with Okta. “The matter was investigated and contained by the subprocessor.”