LAPSUS looks to be in everything of Okta’s. JIRA, Slack, Etc. But some of the screenshots seems to show Super User access capable of modifying/accessing customer accounts. 😬😬
This is gonna be a ride. 🔥
— _MG_ (@_MG_) March 22, 2022
Yep. LAPSUS is claiming to have been in Okta for 2 months.
How many customer networks do you suppose they have been in as a result? What percent haven’t detected anything so far? t.co/cUPCySZ1rf pic.twitter.com/aIV5IaL5OQ
— _MG_ (@_MG_) March 22, 2022
Based on screenshots, this was an outsourced contractor (working at SYKES) who was working for Okta. Probably a call center employee.
Contractors are a common "soft" pathway for most companies.
— _MG_ (@_MG_) March 22, 2022
If they aren’t transparent first thing tomorrow morning, this will hurt their customers.
Let’s hope @okta doesn’t have a garbage legal team who forces them to deny as much as possible and drag things out.
— _MG_ (@_MG_) March 22, 2022
Is the same hackers that hacked nvidia and samsung?
— Sebastian (@seb3153) March 22, 2022
Yes.
— rigwild ⚡ 𝕊 (@rigwild_) March 22, 2022
h/t dr0id