Suspected Okta hackers arrested by British police

Okta logo is displayed in this illustration taken March 22, 2022. REUTERS/Dado Ruvic/Illustration

Register now for FREE unlimited access to Reuters.com

LONDON/WASHINGTON, March 24 (Reuters) – Police in Britain have arrested seven people following a series of hacks by the Lapsus$ hacking group which targeted major firms including Okta Inc (OKTA.O) and Microsoft Corp (MSFT.O), City of London Police said on Thursday.

San Francisco-based Okta Inc, whose authentication services are used by some of the world’s biggest companies to provide access to their networks said on Tuesday that it had been hit by hackers and that some customers may have been affected. read more

“The City of London Police has been conducting an investigation with its partners into members of a hacking group,” Detective Inspector Michael O’Sullivan said in an emailed statement in response to a question about the Lapsus$ hacking group.

Register now for FREE unlimited access to Reuters.com

The ransom-seeking gang had posted a series of screenshots of Okta’s internal communications on their Telegram channel late on Monday.

“Seven people between the ages of 16 and 21 have been arrested in connection with this investigation and have all been released under investigation,” O’Sullivan said.

News of the digital breach had knocked Okta shares down about 11 percent amid criticism of the digital authentication firm’s slow response to the intrusion. read more

Shares of Okta were trading down 4.8% on Thursday.

City of London Police did not directly name Lapsus$ in its statement. A spokeswoman said none of the seven people arrested had been formally charged, pending investigation.

WHO ARE LAPSUS$?

Last month, Lapsus$ leaked proprietary information about US chipmaker Nvidia Corp (NVDA.O) to the Web. read more

More recently the group has purported to have leaked source code from several big tech firms, including Microsoft.

In a blog post published Tuesday and devoted to Lapsus$, the software firm confirmed that one of its accounts had been compromised, “gaining limited access.”

Lapsus$ have not responded to repeated requests for comment on their Telegram channel and by email.

Digital security professionals who have followed the group are torn between dismissing them as attention-seeking pranksters or ruthless operators in the mold of Russian ransomware gangs.

It could be a bit of both, said Chester Wisniewski of British cybersecurity firm Sophos.

He said that the group did not appear to use malicious software to encrypt their victims’ networks, a hallmark of digital extortionists.

They instead manually lay waste to their targets’ networks, often after making bizarre ultimatums like the time they demanded that Nvidia make the software for its drivers open source – and remove the limits on equipment often used to mine bitcoin.

“With these guys, they don’t seem to be after much of anything,” said Wisniewski. “The few demands they’ve made have been outrageous and unrealistic.”

A teenager living near Oxford, England, is suspected of being behind some of the most notable attacks, Bloomberg News reported on Wednesday.

Reached by phone, the father of the teenager – who cannot be named because they are a minor – declined to comment.

Register now for FREE unlimited access to Reuters.com

Reporting by James Pearson in London and Raphael Satter in Washington; Editing by Catherine Evans, Raissa Kasolowsky and Jonathan Oatis

Our Standards: The Thomson Reuters Trust Principles.

.

Leave a Reply