Identity and access management company Okta (NASDAQ:OKTA) said it may have sustained a security breach after the hacking group Lapsus$ published screenshots on Telegram, claiming it has gained access to Oktas internal systems.
A security breach at Okta could result in significant consequences given that the company is used by thousands of businesses, universities, and government agencies that rely on Oktas authentication solutions.
The company has more than 15,000 customers worldwide, including numerous well-known companies such as Peloton (NASDAQ:PTON), T-Mobile, the FCC, Sonos (NASDAQ:SONO), and others.
Lapsus$ posted the screenshots on its Telegram channel, saying it has had access to Oktas systems for two months, but said the focus was only on Oktas clients.
However, Okta spokesman Chris Hollis said the company is yet to find evidence of the alleged breach.
In late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor. Hollis said. We believe the screenshots shared online are connected to this January event.
The investigation so far showed no evidence of ongoing malicious activity beyond the activity detected in January, Hollis added.
Lapsus$ is a hacking group that has claimed responsibility for a number of cyberattacks on globally-known companies and organizations including Nvidia (NASDAQ:NVDA), Microsoft (NASDAQ:MSFT), Samsung (KS:005930), and Ubisoft, among others.
Okta stock price is down over 11% in pre-open Tuesday.