Authentic8 Security Advisory 20220323-1

Determination that Authentic8 was not impacted by the Okta LAPSUS$ breach



Associated CVE IDs

None



Description

Authentic8 and its leveraged Okta services were not impacted by the LAPSUS$ breach reported by Okta and detailed in their official statement on the matter.


On March 21, 2022, the group known as LAPSUS$ made claims that they had breached Okta’s security. Because Authentic8 leverages Okta for authentication services involved in the management of certain systems, our Security directorate was alerted to the Okta breach immediately after it was first made public and initiated an investigation to determine any potential impact. As a result of that investigation, we have determined that Authentic8 and its leveraged Okta services were not impacted by the LAPSUS$ breach. 


This analysis was later corroborated by Okta, who sent Authentic8 Security a formal notification advising that Authentic8 was not impacted by the event. 



Additional Notes  

Please contact Support if you have any additional questions and/or require further information.



Disclaimer

Because this is a developing security event, Authentic8 reserves the right to change or update this advisory at any time and expects to update it as new information becomes available. This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in this advisory or materials linked herein is at your own risk.