Authentication Platform Okta Confirms Breach Impacts Customer Base
Authentication platform Okta has confirmed they were breached and customer base impacted after threat actors Lapsus$ gained access to the company’s internal environment...
Lital Asher-Dotan
A U.S. software vendor believed that it had an infected server due to several behavioral abnormalities spotted by its security team. Even though the company had several security platforms in place, including an antivirus, sandbox and a SIEM, they couldn’t confirm their suspicions.
The company reached out to Cybereason to help it figure out if its hunch was valid. In fewer than 24 hours Cybereason deployed its sensors across the customer’s entire environment of 19,000 endpoints, allowing their security team to immediately start detecting threats. The platform discovered a unique advanced persistent threat that had compromised the company's IT environment months earlier.
The attack targeted the company's Outlook Web App server in a way that allowed the adversaries to record authentication credentials. This provided the attackers with a backdoor into our customer's environment and allowed them to collect and retain ownership over all of the company’s user credentials. These credentials are akin to the hackers having a set of keys that opened every door in the company’s office. In fact, having this information allowed the hackers to maintain persistent control over the organization’s IT environment for almost a year.
The security team’s instincts were spot on: there was more to the OWA server’s odd behavior. However, this suspicion was only confirmed months after attackers had compromised the system. Only by using behavioral analysis was the security team able to detect, understand and contain this clever hack. Even the most talented security analysts would have spent weeks manually investigating the situation to discover the threat.
To learn how full endpoint visibility and automatic detection revealed the full attack, read the case study.
Lital is a Marketing Team Leader, Storyteller, Technology Marketing Expert. She joined Cybereason as the first marketing hire and built a full marketing department. Specializing in brand building, product marketing, communication and content. Passionate about building ROI-driven marketing teams.
Authentication platform Okta has confirmed they were breached and customer base impacted after threat actors Lapsus$ gained access to the company’s internal environment...
The Cybereason Team is really excited to welcome Osamu Yamano as President of Cybereason Japan. Yamano will oversee the company’s operations in the region and will be responsible for expanding Cybereason business opportunities...
Authentication platform Okta has confirmed they were breached and customer base impacted after threat actors Lapsus$ gained access to the company’s internal environment...
The Cybereason Team is really excited to welcome Osamu Yamano as President of Cybereason Japan. Yamano will oversee the company’s operations in the region and will be responsible for expanding Cybereason business opportunities...
Get the latest research, expert insights, and security industry news.
Subscribe