Okta Reveals Same Hackers of Casino Giants MGM and Caesars Attack 3 Other Companies

A security executive has disclosed the activities of some notorious hacking groups known as ALPHV and Scattered Spider. The hackers were responsible for breaching casino giants like MGM Resorts and Caesars Entertainment in the past.

The same exploiters have recently attacked three other firms in the technology, retail, and manufacturing sectors.

Okta Executive Highlights Hacking Pattern In Recent Cyberattacks

Okta is headquartered in San Francisco and boasts over 17,000 customer bases worldwide. Its operations include identity services like multifactor authentication, which ensures users' security while accessing online websites and applications.

During an interview with Reuters, the chief security officer at Okta, David Bradbury, revealed the incidents of the hacking groups.

According to him, since August, the groups have exploited up to five of Okta's clients, including MGM and Caesars. Bradbury mentioned that Okta identified the breaches, prompting it to issue an alert.

He stated:

We saw this happened in such a small period of time, and we thought we should be coming forward to the industry at large and explaining what's happening here."

Notably, most of Okta US clients reported a consistent trend of attacks. Usually, the exploiters would disguise themselves as the victim's company employees. Then, they'll deceive the company's information technology helpdesk to release duplicate access.

Bradbury confirmed the consistency of such types of attacks within the past six to twelve months. Though he concealed the names of the other attacked firms, he mentioned that investigations are still ongoing with full support from Okta.

But following the hacks on MGM and Caesars, the casino giants lost their market value last week, recording more dips in stock prices.MGM seems to be suffering more, as it is yet to recover from the halt of its various operations. These include its operations at the firm's hotels and gaming venues within Las Vegas and Macau.

Notably, Caesars confirmed the breach of its company earlier this month through a report to regulators. The firm stated that the hackers stole data from several loyalty program members, including driver's licenses and social security numbers.

However, MGM has not made any statement regarding the hack on its company.

Hackers Own Up Their Actions, Threaten More Attacks

The Blackhat hacking group ALPHV owned up to the attack on MGM in its statement released on September 14. According to the hacking group, it has attempted to reach MGM for a ransomware deal but didn't mention any amount for its demand.

Also, ALPHV threatened more attacks on MGM if the company failed to comply with its demands. An earlier tweet from a cybersecurity firm, VX-Underground, indicated how ALPHV exploited the casino giant.The post revealed that the hacking group went on LinkedIn to impersonate a staff of the company and later called the Help Desk.

It touted:

A company valued at $33,900,000,000 was defeated by a 10-minute conversation."

All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.

A company valued at $33,900,000,000 was defeated by a 10-minute conversation.

- vx-underground (@vxunderground) September 13, 2023

The post Okta Reveals Same Hackers of Casino Giants MGM and Caesars Attack 3 Other Companies appeared first on The Tech Report.