Microsoft and Okta confirmed that they were hacked by Lapsus $

A few hours after the hacker group Lapsus $ published proof of this Microsoft and Okta authentication platform was attackedAfter two internal investigations, The two companies confirmed that they were victims of a hack. The first to do so, as they point out from very computerAfter the attacker group also published a file of approximately 37 gigabytes containing a portion of the source code for Bing and Cortana.

as detailed On the Microsoft Security Blogthe group they consider DEV-0537They gained access to one account and stole a portion of the source code for some of their products. Apparently, Microsoft researchers have been following the group for several weeks, and indicated that their goal “Gaining high-level access, through stolen credentials, that enables data theft and destructive attacks on a target organization, often resulting in extortion. Tactics and objectives indicate that he is a cybercriminal actor driven by theft and destruction«.

Despite these conclusions, they assured Microsoft that the code leak isn’t serious enough to raise the stakes, and they also assert that their response teams were able to stop the hackers when they indulged in the attack and prevent the attack from continuing. The company also ensures that the customer code or any of his data is not compromised.

Regarding octaIn addition to confirming those responsible for the attack that occurred last January I acknowledge Which may have affected several hundred of its roughly 15,000 clients, roughly 2.5% of the total. This is confirmed by Corporate Security Officer, David Bradburya few hours after he posted several screenshots related to the platform’s account and channel on Slack.

This attack sparked a great deal of alarm among Okta customers and security experts, given the service’s popularity in companies and entities around the world, and the access a hacker could gain if they were attacked by an Okta attack. But according to Bradbury, Okta’s service was not compromised as such, and what the attackers did in this case was gain access to the laptop of an engineer who was providing technical support to the company.

Thus, according to Bradbury, “The potential impact for Okta customers is limited to access to support engineers«. Also remember that “Support engineers can also facilitate password resets and multi-factor authentication schemes, but they cannot obtain passwords«.