Are you one of the 15,000 organisations using Okta? UPDATED 22 April 2022

This post was first made on 24 March 2022

I wrote about this yesterday as it got caught up in Lapsus$/Microsoft story – but the network access company, Okta, has been compromised by Lapsus$:

Hundreds of companies potentially hit by Okta hack – BBC News

First Microsoft, then Okta: New ransomware gang posts data from both | Ars Technica

Okta now says: Lapsus$ may have accessed customer info • The Register

Okta revises original statement, says 366 customers affected by Lapsus$ breach – The Record by Recorded Future

This breach happened in January and Okta says it impacted only 366 clients – but the story only came to light as Okta’s name was mentioned in screenshots recently released by Lapsus$.

Update 22 April 2022

Following investigations Okta says only two customers were impacted by the data breach – which was very brief.

Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers (bleepingcomputer.com)