Okta admitted that 366 companies, or 2.5% of its client base, were affected by the security breach that allowed hackers to access the company's private internal network.

Okta Clients Affected by Breach

The security firm confirmed the hack after the suspected group behind it, Lapsus$, posted screenshots of Okta's apps and systems on Mar. 21, just two months after the group first gained access to the company's network according to TechCrunch. 

The security breach was initially blamed on a subprocessor that provides clients support services to Okta. In an updated statement on Mar. 23, the company's chief security officer David Bradbury confirmed the subprocessor is a company named Sykes, which was acquired by a contact center giant Sitel in 2021.

Both Sykes and Sitel have wide access to the organizations that they support for facilitating customer requests.

Also Read: Former Yahoo Engineer Accused Of Hacking Thousands Of Accounts To Steal Nudes Pleads Guilty

Hackers have previously targeted customer support companies, which usually have weaker cybersecurity defenses than some of the companies with highly-secured systems.

Both Microsoft and Roblox have experienced the same targeted compromises of customer support agents' accounts that led to access of their private internal systems.

In Okta's case, the Lapsus$ hackers were lurking in Sitel's network for five days, from Jan. 16 to Jan. 21, until the group was detected and removed from its network, according to 9to5Mac.

Okta faced backlash from the wider security industry for the way that it handled the compromise and the long delay in notifying its clients about the situation. The clients of the security company found out about the breach on social media.

According to Bradbury, Sitel hired a forensics firm to investigate the incident, which concluded on Mar. 10. A week later, on Mar. 17, the report was submitted to Okta.

Bradbury admitted that he was disappointed by the long period of time that transpired between the Okta's notification to Sitel and the issuance of the complete investigation report. He admitted that Okta should have moved faster in understanding the report's implications.

In 2017, Okta files a $100 million IPO with a promise of a tight security system.

Teen Suspected to Be the Leader of Lapsus$

Right after Okta confirmed the security breach, another report said a 16-year old teen living at his mother's home in Oxford, England, is the mastermind behind the incident.

Cybersecurity researchers investigated a string of hacks against technology companies and have traced an attack on the teen.

Lapsus$ has baffled cybersecurity experts because it triggered a high-profile hack. The motives behind the hack are not yet clear, but some researchers say they believe the group is motivated by money.

Although the cybersecurity researchers believe that the teen is behind some of the major hacks, they have not been able to link him to every single hack that Lapsus$ has done.

Cybersecurity researchers used forensic evidence from the hack and publicly available information to connect the teen to the group.

Aside from the teen from England, another member of Lapsus$ is suspected to be a teenager from Brazil. The investigators said that they have identified seven unique accounts connected to the hacking group, indicating that there are others involved in the group's operations.

Cybersecurity researchers refused to name the teen who goes by the nickname "White," as he is a minor and has not been charged yet.

Related Article: Google Apps For Work Intros App Recommendations After Hitting 2 Million Paid Customer Milestone

This article is owned by Tech Times

Written by Sophie Webster