Okta says they're seeing nothing though.Does Apple use Okta for anything? FedEx, which is named in the article, took its website down completely earlier today; there wasn't even a homepage message saying there was something wrong.
As of the writing of this post, fedex.com seems to be back up but it is running very slowly.
Hackers hit authentication firm Okta, customers 'may have been impacted'
Okta Inc , whose authentication services are used by companies including Fedex Corp and Moody's Corp to provide access to their networks, said on Tuesday that it had been hit by hackers and that some customers may have been affected.www.reuters.com
Hmm... who to believe?
Okta Investigates Report of Security Breach, Says It Finds No Evidence of New Attack
Identity-management provider Okta said a preliminary investigation found no evidence of ongoing malicious activity after hackers posted images they said were of the company’s internal systems.
www.wsj.com
Okta Investigates Report of Security Breach, Says It Finds No Evidence of New Attack
Identity-management provider Okta Inc. said Tuesday that a preliminary investigation found no evidence of any ongoing malicious activity after hackers posted images they said were of the company’s internal systems.
The screenshots most likely related to an earlier security incident in January, which has already been resolved, the San Francisco-based company said in a statement posted overnight on its website.
Okta investigated after the hacking group LAPSUS$ posted screenshots on Telegram, an instant messaging service, purporting to show that it had gained access to Okta.com’s administrator and other systems. The images were also circulated on other forums, including Twitter.
Okta said in its statement that it believed the shared screenshots were tied to an attempt in January to compromise the account of a third-party customer-support engineer working for a subprocessor. It said the matter had been investigated and contained by the subprocessor.
“Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January,” Okta said.
One Okta customer whose information was included in a screenshot posted by LAPSUS$ was Cloudflare Inc., an internet-infrastructure and security company. In a tweet, Cloudflare CEO Matthew Prince said the company was aware of the breach claim, but he said there was no evidence that its systems were compromised. Cloudflare said it was resetting the credentials of any employees who had changed their passwords in the previous four months.
Mr. Prince later wrote that he hadn’t received a satisfactory answer to concerns over a previous Okta vulnerability incident discovered in December. In January, Okta said it was still investigating that vulnerability, known as “Log4Shell,” which concerned a Java-based logging utility found in a number of software products.
