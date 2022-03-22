“For a service that powers authentication systems to many of the largest corporations ... I think these security measures are pretty poor,” Lapsus$ commented in the channel.

On its Telegram channel, Lapsus$ posted screenshots of its alleged access to Okta administrative and other systems.

The hacking group Lapsus$ claims it gained internal access to the system privileges of Okta, the San Francisco-based company that manages user authentication services for thousands of corporate clients.

Okta shares fell 8% in U.S. premarket trading Tuesday.

“In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor,” Chief Executive Officer Todd McKinnon wrote in a Twitter post. “We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”

In its posts, Lapsus$ also said it did not access or steal any databases from Okta. “Our focus was only on Okta customers,” one comment noted.

Cloudflare Inc., a website security company that is a customer of Okta’s, was aware that Okta may have been compromised, CEO Matthew Prince said on Twitter.

“We are resetting the Okta credentials of any employees who’ve changed their passwords in the last 4 months, out of abundance of caution. We’ve confirmed no compromise. Okta is one layer of security. Given they may have an issue, we’re evaluating alternatives for that layer,” he added.

Lapsus$ also had touted leaks of employee accounts for LG Electronics Inc. and source code for Bing, the Microsoft Corp. search engine, and Cortana, Microsoft’s virtual assistant.

Microsoft said it’s investigating the claims of a breach. An LG spokeswoman said in a text message that the company assumed email accounts of employees were leaked but there appears to be no damage to customer data.

