Okta says screenshots from January hack could impact 366 customers
Okta, an online identity authentication service used by thousands of U.S. companies to protect their computer networks, said a purported breach of its systems is related to an earlier incident this year. There are no signs of a current threat to Okta as a result of that event, the company told CBS MoneyWatch.
Okta's comment comes after a group calling itself Lapsus$ posted screenshots of what they claimed was the company's internal environment through the messenger service Telegram. They added, "For a service that powers authentication systems to many of the largest corporations (and FEDRAMP approved) I think these security measures are pretty poor." FedRAMP stands for the Federal Risk and Authorization Management Program, which oversees the use of cloud-based programs for federal agencies.
In a Tuesday blog post from Okta's chief security officer, the company said it determined the screenshots stemmed from a hacker obtaining remote access to a support engineer's computer. The attacker "never gained access to the Okta service via account takeover," but they were able to take screenshots through the hack, noted David Bradbury, the chief security officer.
