New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack


An independent security researcher has shared what’s a detailed timeline of events that transpired as the notorious LAPSUS$ extortion gang broke into a third-party provider linked to the cyber incident at Okta in late January 2022.

In a set of screenshots posted on Twitter, Bill Demirkapi published a two-page “intrusion timeline” allegedly prepared by Mandiant, the cybersecurity firm hired by Sitel to investigate the security breach. Sitel, through its acquisition of Sykes Enterprises in September 2021, is the third-party service provider that provides customer support on behalf of Okta.

The authentication services provider revealed last week that on January 20, it was alerted to a new factor that was added to a Sitel customer support engineer’s Okta account, an attempt that it said was successful and blocked.

Read more…