Okta acknowledges 'mistake' in handling of Lapsuss attack


Identity-as-a-Service (IDaaS) provider Okta has admitted that it committed a critical error in its management of the extortion group Lapsus$’s attack on a supplier.

The attempt to add the new factor - a password - was unsuccessful, according to the FAQ, but Okta reset the account on January 21 and contacted Sitel, which ““commissioned a prominent forensic firm to conduct an investigation.

Read More…