Okta is an IT security firm that provides its services to other companies to shield their identity systems and platform access. The company, headquartered in San Francisco, is one of the world’s leading providers of online authentication services for both applications and websites. Okta has a portfolio of more than 15,000 customers around the globe, including companies such as FedEx Corp, T-Mobile US Inc, Moody’s Corp, Coinbase Global Inc, MGM Resorts and Jetblue Airways. Its clients also include institutions such as the U.S. Department of Justice.
Okta, one of the leading companies in online authentication services, has acknowledged having suffered the worst cyber attack in its history
Earlier this week, Okta acknowledged having suffered the worst cyber attack in its history. Hundreds of organizations that entrust this company with access to their systems may have had their security compromised. According to what was published by the company itself, a group of hackers gained access to the laptop of one of its employees.
From that breach, hackers managed to access Okta’s system and about 2.5% of its customers have had their information exposed. Okta claims that has contacted the affected companies to address the problem and inform them of the situation.
Those responsible for the attack are the lapsus$ cybercriminal group. This gang of hackers has already attacked other high-profile targets such as Microsoft itself, whose servers were accessed by the group’s cybercriminals.
Their modus operandi is the same in all operations. The hackers manage to access to servers and confidential information of a company or institution by exploiting its security breaches. Once Lapsus$ is in possession of this information, it extorts and threatens to reveal it if the affected parties do not pay a ransom for it.