Okta finds no evidence of continued malicious activity
By Ben Otto
Identity management software company Okta Inc. found no evidence of continued malicious activity after hackers released images they said belonged to the company’s internal systems.
Okta said on Tuesday that a series of screenshots circulating online appear to be linked to a security event in late January, when the company detected an attempt to compromise the account of a third-party customer support engineer working for the one of its subcontractors. This matter was investigated and contained by the contractor, Okta said.
“Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January,” Okta said. “We believe the screenshots shared online are related to this January event.”
Okta’s investigation comes after hacking group LAPSUS$ posted screenshots on Telegram which it said showed the group’s access to Okta.com admin and other systems . The images were posted on other forums, including Twitter.
More than 15,000 customers, including enterprises, universities and government agencies around the world, use Okta’s services to secure and manage identities, San Francisco-based Okta said in a recent filing.
Write to Ben Otto at ben.otto@wsj.com