This post was first made on 24 March 2022
I wrote about this yesterday as it got caught up in Lapsus$/Microsoft story – but the network access company, Okta, has been compromised by Lapsus$:
Hundreds of companies potentially hit by Okta hack – BBC News
First Microsoft, then Okta: New ransomware gang posts data from both | Ars Technica
Okta now says: Lapsus$ may have accessed customer info • The Register
This breach happened in January and Okta says it impacted only 366 clients – but the story only came to light as Okta’s name was mentioned in screenshots recently released by Lapsus$.
Update 22 April 2022
Following investigations Okta says only two customers were impacted by the data breach – which was very brief.
Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers (bleepingcomputer.com)