Microsoft and Okta are investigating potential attacks by the Lapsus$ hacking group
Microsoft and identity authentication company Okta are both investigating potential attacks that may have been carried out by the South American hacking group Lapsus$. The collective claims to have stolen source code for Bing, Cortana and internal Microsoft projects from a server.
Lapsus$ released a torrent on Monday that’s said to contain 37GB of source code for around 250 projects, according to BleepingComputer. The group claims the data includes 90 percent of Bing’s source code and 45 percent of Cortana and Bing Maps code. Other affected projects seem to include websites, mobile apps and web-based infrastructure.
The leaks reportedly contain internal emails and documentation related to published mobile apps. The torrent is not believed to include code for desktop software such as Windows or Microsoft Office.
“We are aware of the claims and are investigating,” a Microsoft spokesperson told Engadget.
The same group has also targeted Okta, though the company says it has not yet found evidence of a new breach following an incident in January.
“In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors,” an Okta spokesperson told Engadget. “The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”
Lapsus$ posted screenshots of what it claimed were Okta’s internal systems. As The Wall Street Journal reports, the hackers claimed not to have accessed or obtained data on Okta itself and were focused on the company’s customers, which include Cloudflare, Grubhub, Peloton, Sonos, T-Mobile and Engadget parent Yahoo.
The hacking group has attacked other high-profile targets in recent weeks, including NVIDIA, Samsung and Ubisoft. NVIDIA confirmed that hackers obtained company data in February, while Lapsus$ claimed to have leaked 190GB of Samsung data.
Update 3/22 8:45AM ET: Added Microsoft’s statement.