THERE is a new hacking group that has emerged in the past few months
The group called Lapsus$ has targeted a series of high-profile victims, most recently authentication company Okta.
1
Who are Lapsus$?
The hackers who have a strong social media presence on Telegram, are focused on data theft rather than ransomware.
They tend to threaten to leak the victim’s stolen files unless they receive payment.
While they seemed to target mainly Portuguese-language victims at first such as Portuguese media firm Impresa and Brazil’s health ministry, they have now expanded to more companies across the world.
Did Lapsus$ hack Okta?
On March 22, 2022, Lapsus$ posted screenshots in their Telegram channel allegedly of Okta’s customer data.
It said: “For a service that powers authentication systems to many of the largest corporations (and FEDRAMP approved) I think these security measures are pretty poor[…].”
“Before people start asking, we did not access/steal any databases from Okta — our focus was only on Okta customers.”
Okta has said in response it is investigating the claims of a data breach.
Most read in The Sun
It said in a statement: “In late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer working for one of our sub-processors.
“The matter was investigated and contained by the sub-processor.
“We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”
Who else have Lapsus$ hacked?
Lapsus$ have also targeted other big names over the past few months including Samsung, Nvidia, and Ubisoft.
In February 2022, the group stole 1 terabyte of data from Nvidia including sensitive information, source code, usernames and passwords.
A few days later the hackers announced they had stolen 190 gigabytes of data from Samsung including information about the Galaxy smartphone biometric authentication system.
On March 10, Ubisoft released a statement confirmed it suffered a breach.
It read: “Last week, Ubisoft experienced a cyber security incident that caused temporary disruption to some of our games, systems, and services.
“As a precautionary measure we initiated a company-wide password reset … There is no evidence any player personal information was accessed or exposed as a by-product of this incident.”
We pay for your stories!
Do you have a story for The US Sun team?
