Tech

First Microsoft, then Okta: New ransomware gang posts data from both

Stock photo of ransom note with letters cut out of newspapers and magazines.

Enlarge (credit: Getty Images)

A relatively new entrant to the ransomware scene has made two startling claims in recent days by posting images that appear to show proprietary data the group says it stole from Microsoft and Okta, a Single Sign-On provider with 15,000 customers.

The Lapsus$ group, which first appeared three months ago, said Monday evening on its Telegram channel that it gained privileged access to some of Okta’s proprietary data. The claim, if true, could be serious because Okta allows employees to use a single account to log into multiple services belonging to their employer.

Gaining “Superuser” status

“BEFORE PEOPLE START ASKING: WE DID NOT ACCESS/STEAL ANY DATABASES FROM OKTA,” the Telegram post stated. “Our focus was ONLY on okta customers.”

Read 20 remaining paragraphs | Comments