OKTA Security Breach 2022

OKTA Security Breach 2022

Many large corporate customers were horrified to learn of the recent Okta security breach.

Okta says 366 corporate customers, or about 2.5% of its customer base, hackerrei konpainiaren barne-sarean sartzeko aukera ematen dien segurtasun-hauste batek eragin zien.

The authentication giant admitted the compromise after the Lapsus$ hacking and extortion group posted screenshots of Okta’s apps and systems on Monday, hackerrek bere sarera sarbidea lortu zutenetik bi hilabete ingurura.

Arau-haustea Okta-ri bezeroarentzako arreta-zerbitzua eskaintzen dion izenik gabeko azpiprozesadore bati egotzi zitzaion hasieran. batean adierazpen eguneratua asteazkenean, Okta’s chief security officer David Bradbury confirmed the subprocessor is a company called Sykes, which last year was acquired by Miami-based contact center giant Sitel.

Okta has admitted it “made a mistake” by not telling customers sooner about a security breach in January, in which hackers were able to access the laptop of a third-party customer support engineer.

The Lapsus$ hacking group published screenshots of Okta’s systems on March 22, taken from the laptop of a Sitel customer support engineer, which the hackers had remote access to on January 20.

“We want to acknowledge that we made a mistake. Sitel is our service provider for which we are ultimately responsible. In January, we did not know the extent of the Sitel issue – only that we detected and prevented an account takeover attempt and that Sitel had retained a third party forensic firm to investigate. At that time, we didn’t recognize that there was a risk to Okta and our customers