First Microsoft, Then Okta: New Ransomware Gang Posts Data From Both

upstart writes:

First Microsoft, then Okta: New ransomware gang posts data from both:

A relatively new entrant to the ransomware scene has made two startling claims in recent days by posting images that appear to show proprietary data the group says it stole from Microsoft and Okta, a single sign-on provider with 15,000 customers.

The Lapsus$ group, which first appeared three months ago, said Monday evening on its Telegram channel that it gained privileged access to some of Okta's proprietary data. The claim, if true, could be serious because Okta allows employees to use a single account to log in to multiple services belonging to their employer.

In late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.

[...] Over the weekend, the same Telegram channel posted images to support a claim Lapsus$ made that it breached Microsoft systems. The Telegram post was later removed-but not before security researcher Dominic Alvieri documented the hack on Twitter.

Read more of this story at SoylentNews.