In this week’s Cyber Weekly Digest we take a look at some of the latest attacks carried out by the Lapsus$ group, including how Lapsus$ was able to access Okta customer data and the source code for various Microsoft projects. Keep reading to stay up to date with the latest cyber security news from across the globe.
On Tuesday, the data extortion group Lapsus$ posted screenshots in their Telegram channel of what it alleges to be access to Okta's backend administrative consoles and customer data. One of the screenshots showed that Lapsus$ could change customer passwords using Okta's admin panel. Researchers are concerned that the extortion group could have used this 'superuser' access as a way to breach customer's servers who use the company's authentication solutions. Okta later this week confirmed that 2.5% of its customers have been affected by the breach.
30 cryptocurrency companies were affected by a Hubspot data breach, including BlockFi, Swan Bitcoin and NYDIG. Hubspot claims that the breach had minimal impact and has already notified the companies affected. Hubspot discovered that the breach occurred due to a threat actor compromising a HubSpot employee account, which had “super admin” access on both internal and external sides of its platform. The breach was limited to names, emails, account types, phone numbers and, in some cases, company names.