Okta confirms investigation into potential breach

Okta, a major Single Sign-On provider that allows people to use one account to log into multiple digital services, confirmed to The Record Tuesday it is investigating a potential breach after the Lapsus$ cybercrime gang claimed access to its systems. 

“Okta is aware of the reports and is currently investigating,” Okta senior communications manager Chris Hollis told The Record via email. “We will provide updates as more information becomes available.” Reuters first confirmed the investigation.

Lapsus$ is a recently emerging threat actor that has been linked to attacks on elements of digital infrastructure, including chipmaker NVIDIA, in its chaotic run so far. If verified, an attack on Okta would represent a major attack on digital supply chains

Securing digital supply chains has been a major focus for the U.S. Cybersecurity and Infrastructure Agency (CISA) in recent years. 

CISA and U.S. President Joe Biden both warned of potential threats Monday based on “evolving intelligence” about Russian state-backed attempts to interfere with critical infrastructure in response to financial sanctions over the Russian invasion of Ukraine.

“If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year,” Biden said in a statement Monday. 

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Andrea Peterson

Andrea Peterson

(they/them) is a longtime cybersecurity journalist who cut their teeth covering technology policy at ThinkProgress (RIP) and The Washington Post before doing deep-dive public records investigations at the Project on Government Oversight and American Oversight.