Lapsus$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta
Lapsus$ Hackers the cyber criminal group posted screenshots and source code of what it said were the companies' internal projects and systems on its Telegram channel.
The leaked 37GB archive shows that the group may have accessed the repositories related to Microsoft's Bing, Bing Maps, and Cortana, with the images highlighting Okta's Atlassian suite and in-house Slack channels.
LAPSUS$ have gotten access to the Cloudflare tenant with the ability to reset employee passwords, the company failed to publicly acknowledge any breach for at least two months."
LAPSUS$ has since clarified that it did not breach Okta's databases and that "our focus was ONLY on Okta customers."
In late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor
Cloudflare, in response, said it's resetting the Okta credentials of employees who have changed their passwords in the last four months, out of abundance of caution.
In the months since it went active in late December 2021, the cybercrime gang has racked up a long list of high-profile victims, including Impresa, NVIDIA, Samsung, Mercado Libre, Vodafone, and most recently Ubisoft.