CRITICAL EXPOSURE
Sector: Identity & Access Management (IAM)
Okta
Targeted Breach
The LAPSUS$ extortion group breached Okta via a third-party customer support engineer's laptop. While the direct database wasn't dumped, attackers gained temporary 'Superuser' access, allowing them to reset passwords and view support tickets of major enterprises.
Total Assets Compromised
2.5% of Customer Base Impacted
Primary Kill Chain Vector
Third-Party Support Engineer Compromise
Incident Timeline Marker
January 2022
Could your infrastructure sustain the same vector?
The exact techniques used in the Okta breach are being commoditized on dark web forums. Run our simulated intelligence recon to calculate your immediate blast radius exposure in the Identity & Access Management (IAM) sector.
Run Blast Radius CalculatorSecure Tool • No Card Required