Lapsus$, a new group of ransomware hackers, has allegedly stolen proprietary data and source code from Microsoft and Okta, according to claims the group made in its Telegram channel. Okta, an identity and access management company, allows its employees to use a single login for multiple employer services, making it particularly vulnerable to such an attack.
Okta claims that an internal investigation shows the breach is limited to a January 2022 incident, which targeted a third-party customer support engineer, and that there is no evidence of ongoing malicious activity.
Lapsus$, however, says that Okta’s assurances of limited compromise are false, claiming it was able to log into a superuser portal with access to reset user passwords and multifactor authentication. The hacking group claims to have leaked source code for Bing, Cortana, and other assets stolen from Microsoft's internal Azure DevOps server.
Lapsus$ says it infiltrated Okta through one of its sub processors, Sykes Enterprises, which is owned by the business services outsourcing company Sitel Group. Lapsus$ has disclosed several other previous successful cyberattacks on large companies, such as NVIDIA, Samsung, Vodafone, Ubisoft, and Mercado Libre.
