First Microsoft, then Okta: New ransomware gang posts data from both

by
Dan Goodin
from Ars Technica - All content on (#5XD2R)
ransom-note-800x609.jpeg

Enlarge (credit: Getty Images)

A relatively new entrant to the ransomware scene has made two startling claims in recent days by posting images that appear to show proprietary data the group says it stole from Microsoft and Okta, a single sign-on provider with 15,000 customers.

The Lapsus$ group, which first appeared three months ago, said Monday evening on its Telegram channel that it gained privileged access to some of Okta's proprietary data. The claim, if true, could be serious because Okta allows employees to use a single account to log in to multiple services belonging to their employer.

Gaining Superuser" status

"BEFORE PEOPLE START ASKING: WE DID NOT ACCESS/STEAL ANY DATABASES FROM OKTA," the Telegram post stated. "Our focus was ONLY on okta customers."

Read 20 remaining paragraphs | Comments

index?i=j1677aHCIVI:ffH_lhyLavY:V_sGLiPB index?i=j1677aHCIVI:ffH_lhyLavY:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments