Authentication services provider Okta is investigating a report of a digital breach, the company said on Tuesday, after hackers posted screenshots showing what they claimed was its internal company environment.
A hack at Okta could have major consequences because thousands of other companies rely on the San Francisco-based firm to manage access to their own networks and applications.
The company was aware of the reports and was investigating, Okta official Chris Hollis said in a brief statement.
“We will provide updates as more information becomes available,” he added.
The screenshots were posted by a group of ransom-seeking hackers known as Lapsus$ on their Telegram channel late on Monday. In an accompanying message, the group said its focus was “ONLY on Okta customers.”
Security experts told Reuters the screenshots appeared to be authentic.
“I definitely do believe it is credible,” said independent security researcher Bill Demirkapi, citing pictures of what appeared to be Okta’s internal tickets and its in-house chat on the Slack messaging app.
Dan Tentler, the founder of cybersecurity consultancy Phobos Group, said he too believed the breach was real and urged Okta customers to be “very vigilant right now.”
In an email, Tentler added, “There are timestamps and dates visible in the screenshots indicating January 21st of this year, which suggests they may have had access for two months.”
© Thomson Reuters 2022