Okta confirms investigation into potential breach

Okta, a major Single Sign-On provider that allows people to use one account to log into multiple digital services, confirmed to The Record Tuesday it is investigating a potential breach after the Lapsus$ cybercrime gang claimed access to its systems. 

“Okta is aware of the reports and is currently investigating,” Okta senior communications manager Chris Hollis told The Record via email. “We will provide updates as more information becomes available.” Reuters first confirmed the investigation.

Lapsus$ is a recently emerging threat actor that has been linked to attacks on elements of digital infrastructure, including chipmaker NVIDIA, in its chaotic run so far. If verified, an attack on Okta would represent a major attack on digital supply chains. 

Securing digital supply chains has been a major focus for the U.S. Cybersecurity and Infrastructure Agency (CISA) in recent years. 

CISA and U.S. President Joe Biden both warned of potential threats Monday based on “evolving intelligence” about Russian state-backed attempts to interfere with critical infrastructure in response to financial sanctions over the Russian invasion of Ukraine.

“If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year,” Biden said in a statement Monday.