UPDATED 13:14 EDT / MARCH 22 2022

SECURITY

Okta and Microsoft breached by Lapsus$ hacking group

The Lapsus$ hacking group has carried out cyberattacks against Okta Inc. and Microsoft Corp., according to multiple reports published today and later confirmed by both companies.

The same hacking group previously compromised proprietary data belonging to Nvidia Corp. and Samsung Electronics Co. Ltd.

Publicly traded Okta provides software that companies use to manage how employees log into internal business applications. Okta has more than 15,000 customers worldwide, including major enterprises. Because the company’s software is used to manage employee logins, it plays an important role in its customers’ cybersecurity operations.  

Reuters reported today that the Lapsus$ hacking group posted screenshots of internal Okta information on Telegram late Monday. Okta confirmed the breach this morning and shared additional details.

“In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors,” stated Okta co-founder and Chief Executive Officer Todd McKinnon. “The matter was investigated and contained by the subprocessor.”

Elaborating, McKinnon added that “we believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”

Shortly before Okta confirmed the incident, BleepingComputer reported that Lapsus$ had launched a cyberattack against Microsoft as well. The hacking group reportedly obtained the source code for multiple Microsoft products including Bing.

According to BleepingComputer, Lapsus$ posted a screenshot on its Telegram page late Sunday that indicated it had hacked Microsoft’s internal Azure DevOps deployment. Azure DevOps is a platform that developers use to store source code and perform related software development tasks. On Monday, Lapsus$ reportedly leaked a file containing 37 gigabytes of internal Microsoft data, including source code for Bing, Cortana and other products.

Microsoft stated today that it is investigating the matter. The company has not confirmed whether its internal Azure DevOps deployment experienced a breach. 

Lapsus$ recently carried out high-profile cyberattacks against multiple other tech giants. According to reports from earlier this month, the hacking group compromised Nvidia’s internal systems and stole proprietary data from the chipmaker. More recently, Samsung disclosed a breach that compromised “source code relating to the operation of Galaxy devices” and was reportedly carried out by Lapsus$ as well.

Data breaches affecting the tech industry’s largest companies are fairly rare. Major tech firms make significant investments in cybersecurity: Microsoft, for example, spends about $1 billion every year on protecting its network from hackers. The recent data breaches targeting tech giants could lead the industry’s major players, as well as smaller companies such as startups, to further expand their cybersecurity operations.

Image: Unsplash

A message from John Furrier, co-founder of SiliconANGLE:

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.

  • 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
  • 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.