Lapsus$ Breached Okta Using Spreadsheet Of Passwords

Share post:

Lapsus$ was able to infiltrate Okta’s internal system after accessing a spreadsheet of passwords on compromised Sitel’s internal network.

Sitel discovered the security incident in its VPN gateways on a legacy network belonging to Sykes, a customer service company working for Okta and acquired by Sitel in 2021.

The attackers used remote access services and publicly accessible hacking tools to compromise and navigate through Sitel’s network.

After gaining deeper visibility into the network, the hackers were able to gain access to a spreadsheet on Sitel’s internal network called “DomAdmins-LastPass.xlsx.”

The spreadsheet file contained passwords for domain administrator accounts that were exported from a Sitel employee’s LastPass password manager.

The hackers created a new Sykes user account that gives them broad access to the organization and helps keep them within the system in case they were discovered and locked out.

For more information, read the original story in TechCrunch.

Featured Tech Jobs


Related articles

Controversial expansion of US surveillance powers nears Senate vote

The US Senate is poised to vote on a significant expansion of Section 702 of the Foreign Intelligence...

Boeing faces allegations of ‘criminal coverup’ in Senate hearing

During a recent Senate hearing, Ed Pierson, a former Boeing manager and whistleblower, made striking allegations about a...

US-China chip race intensifies with major investments and domestic shifts

In a significant strategic move, the Biden administration has announced a $6.4 billion grant to Samsung to boost...

The US government and Its Microsoft dependency: A cybersecurity dilemma

Microsoft's series of high-profile cybersecurity failures has once again spotlighted the complex relationship between the tech giant and...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways