The Lapsus$ extortion crew has turned its attention to identity platform Okta and published screenshots purportedly showing the group gaining access to the company’s internals.
The incident follows the group’s claim over the weekend that it had made off with chunks of Microsoft’s code. However, a compromise at Okta could be altogether more serious since the company’s services are used by many others to manage network and application access as well as user identities.
At first glance, it appears that the group gained access to a “superuser” account as well as other internal tools. Okta has yet to confirm this is the case.
Read more…
Source: The Register