Preliminary Investigation Finds No Evidence of Okta Breach

Publish Date


Cyber Alert


  • Cybersecurity
  • Cybersecurity Resources

Okta, an authentication software firm, announced Tuesday morning its preliminary investigation into a suspected breach found no evidence of malicious activity. The announcement comes after screenshots and images of the software company’s internal systems were circulated online early March 22nd by the hacking group LAPSUS$. The software company stated that the screenshots were likely from a previously resolved January security incident in which hackers attempted to compromise the account of a third-party customer support engineer.   

More than 15,000 customers globally depend on Okta’s software to verify identities and manage access to their networks and applications. Given Okta’s expansive and diverse customer base, the discovered screenshots triggered initial alarm as a potential breach of this scale would pose significant implications for both Okta users as well as their supply chains.  

Our Guidance

While the preliminary investigation found no evidence of a suspected breach, we recommend taking the following precautionary steps to protect your organization:

  • Monitor and review logs for suspicious activity  
  • Rotate and reset Okta admin credentials  
  • Communicate with your MSP about their response to recent Okta events  
  • Monitor latest Okta investigative developments  

How We Help

We will continue to monitor the latest developments. For questions about this alert, or to find out how we can help you meet your regulatory cybersecurity obligations, please reach out to your consultant or contact us.