Okta data breach reports
A hand on the keyboard is seen with binary code displayed on a laptop screen in this illustration photo taken in Krakow, Poland on August 17, 2021. (Photo by Jakub Porzycki/NurPhoto via Getty Images)
NEW YORK - A hacking group claims that it had broken into the computer systems of computer security company Okta.
Lapsus$ posted screenshots on its Telegram channel Monday while claiming it had gotten into the databases of the identity management firm. Telegram is an instant messaging platform.
But Okta said Tuesday that "there is no evidence of ongoing malicious activity" on its systems.
Company CEO Todd McKinnon says that there had been an attempt to compromise the account of a third-party engineer working for a subcontractor. He says the screenshots appear to be from that January event.
"The matter was investigated and contained by the subprocessor," McKinnon said in a tweet on Tuesday morning.
Thousands of companies use Okta to manage their employees' identities and authenticate their access to computer systems.
Lapsus$ said it did steal any information from Okta in its breach. It claimed it was simply looking out for the company's customers.
Internet security company Cloudflare said that it was reacting to the possible hack.
CEO Matthew Price tweeted that the company was "resetting the @Okta credentials of any employees who’ve changed their passwords in the last 4 months, out of abundance of caution. We’ve confirmed no compromise. Okta is one layer of security. Given they may have an issue we’re evaluating alternatives for that layer."
LAPSUS$ has claimed to have hacked a series of companies recently including Samsung Electronics and Nvidia.