Lapsus$ Breach Significantly Smaller Than Expected, Okta

Share post:

Okta said the Lapsus breach that happened in January, was significantly smaller than expected. This was confirmed after a series of investigations.

According to Okta’s Chief Security Officer David Bradbury, the final forensic report showed that the attacker only accessed two active customers after the attacker had gained control of a single workstation used by an engineer working for Sitel.

Bradbury explained that “the threat actor was unable to successfully perform any configuration changes, MFA or password resets or customer support ‘impersonation’ events.”

Okta has ended its relationship with Sitel. Okta now directly manages all third-party devices with access to its customer support tools.

Bradbury said the company will instruct its service providers to meet the new security requirements, including the introduction of the Zero Trust security architecture and authentication via Okta’s IDAM solution for all workplace apps.

The sources for this piece include an article in BleepingComputer.


Related articles

Costs from Global CrowdStrike Outage Could Exceed $1 Billion

The global tech outage caused by a faulty CrowdStrike update on Friday could result in damages exceeding $1...

Kaspersky to shut down its US business due to sanctions

Russian cybersecurity firm Kaspersky Lab announced it will cease its U.S. operations starting July 20, following sanctions from...

Intuit lays off 1,800 people amid a shift to AI

Intuit, the company behind QuickBooks, Credit Karma, and TurboTax, is laying off 1,800 employees, which is about 10%...

VMWare revenue drops by $600 million but Broadcom assures investors growth plan is on track

In its first full quarter under Broadcom's ownership, VMware's revenue fell by $600 million, dropping to $2.7 billion....

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways