# LAPSUS$ Cyber Gang Claims Major Data Breach at Okta
Written on
Chapter 1: LAPSUS$ Makes Headlines
On a hectic Monday evening, the notorious cyber extortion group LAPSUS$ appeared to have struck again, sending shockwaves through the tech community. Known for their high-profile breaches of major corporations like Nvidia and Samsung, LAPSUS$ shared what they claimed were internal screenshots from Okta, a company that provides authentication services for numerous organizations.
This paragraph will result in an indented block of text, typically used for quoting other text.
Section 1.1: Okta Responds to Claims
According to reports from Reuters, Okta swiftly initiated an inquiry into the allegations. Shortly after, Chris Hollis, the senior manager of security and crisis communications at Okta, communicated via email that the screenshots shared by LAPSUS$ seem to pertain to "an attempt to compromise the account of a third-party customer support engineer working for one of our subprocessors" dating back to "late January 2022." This aligns with a date visible in some of the posted screenshots from LAPSUS$. Hollis assured that the issue was "contained by the subprocessor" and asserted, "there is no evidence of ongoing malicious activity beyond the activity detected in January."
Subsection 1.1.1: Public Reaction
Todd McKinnon, Okta's CEO, echoed this sentiment in a post on Twitter. However, many users expressed dissatisfaction with the characterization of the incident as merely an "attempt" at compromise, particularly as the screenshots released by LAPSUS$ suggested that the breach may have been successful.
Section 1.2: Additional Breaches Revealed
LAPSUS$ did not stop at Okta; they also claimed to have leaked source code obtained from Microsoft, which reportedly included a "90% complete dump" of Bing Maps and nearly half of the code for both Bing and Cortana. Furthermore, they indicated the impending release of data related to LG Electronics. Although LAPSUS$ announced the Microsoft breach on their Telegram channel the previous Sunday, that post was later removed, prompting Microsoft to launch its own investigation.
Chapter 2: Implications for Cybersecurity
In this video, experts discuss the implications of the recent breach at Okta and the vulnerabilities exposed by LAPSUS$.
This video covers the recent Hack Talks episode, which delves into various security advisories and the broader impact of these hacking incidents on the tech industry.