CTO Randy Watkins provides more information about the group behind the breach in this informal breakdown of what we know now. 

Listen to the Podcast >

March 23, 2022

Critical Start is monitoring the recent breach against Okta and the associated third-party
service providers that support Okta’s operations.

Okta says 366 corporate customers, or about 2.5% of its customer base, were impacted by a security breach that allowed hackers to access the company’s internal network. The company only acknowledged the compromise after the Lapsus$ hacking and extortion group posted screenshots on Monday, nearly two months after the hackers first gained access to its network.

Key points to know:

• The Okta service has not been breached and remains fully operational.
• There are no corrective actions that need to be taken by customers.
• Any Okta customer that could have potentially been impacted has already been identified and contacted directly by email.
• There is no impact to Auth0 customers, and there is no impact to HIPAA and FedRAMP customers.
• The security breach did not impact legacy Sitel Group systems or networks; only legacy Sykes’ network was affected.
• Lapsus$ has targeted several big-name companies in recent weeks, including Nvidia and Samsung. Microsoft also reported a possible associated security breach.

Critical Start always recommends customers enable MFA for all user accounts. Passwords alone do not
offer the necessary level of protection against attacks. We strongly recommend the usage of hard keys,
as other methods of MFA can be vulnerable to phishing attacks.