What happened
Early this morning, Reuters reported that cloud-based cybersecurity company Okta (OKTA 1.21%) was hacked by the now-infamous Lapsus ransomware group (aka "LAPSUS$" aka "LAPSU$"). Okta investors are understandably upset, and shares of the company's stock are down 4.1% as of 10:50 a.m. EDT.
So what
As Reuters reports, "[T]he scope of the hack is unknown, but it could have major consequences because thousands of companies rely on San Francisco-based Okta to manage access to their networks and applications."
Image source: Getty Images.
In a statement, Okta responded that it suffered a "January event" in which an unknown party attempted to compromise the account of a third-party customer-support engineer, but "there is no evidence of ongoing malicious activity beyond the activity detected in January."
Now what
Infosecurity Magazine (IM), however, isn't so sanguine about this latest hack by a ransomware group that's already known to have attacked Nvidia, Samsung, Ubisoft, Vodafone, and perhaps Microsoft in recent weeks.
"Lapsus screenshots reshared on Twitter indicate that the group had 'superuser' or admin access to Okta.com," reports IM. And Lapsus itself seemed to mock Okta's "pretty poor" security, given that "many of the largest corporations" trust Okta with powering their user authentication systems. In IM's view, the screenshots posted don't show that Okta's breach was contained to one single day in January, but rather that "Lapsus had been active inside the company for at least two months" before posting its screenshots on Sunday.
The full extent of the fallout from this breach -- and what it might portend for Okta's sales to its clients -- remains to be seen. As for today, it seems investors are taking a "sell first and ask questions later" approach to the news.
