Authentication services provider Okta Inc is investigating a report of a digital breach, the company said on Tuesday, after hackers posted screenshots showing what they claimed was its internal company environment.
A hack at Okta could have major consequences because thousands of other companies rely on the San Francisco-based firm to manage access to their own networks and applications.
The company was aware of the reports and was investigating, Okta official Chris Hollis said in a brief statement.
Security experts told Reuters the screenshots appeared to be authentic.
“I definitely do believe it is credible,” said independent security researcher Bill Demirkapi, citing pictures of what appeared to be Okta’s internal tickets and its in-house chat on the Slack messaging app.
If what was seen in the screen shots are true, the breach could have been dated back to January of 2022.
Dan Tentler, the founder of cybersecurity consultancy Phobos Group, said he too believed the breach was real and urged Okta customers to be “very vigilant right now.”
In an email, Tentler added, “There are timestamps and dates visible in the screenshots indicating January 21st of this year, which suggests they may have had access for two months.”
We will keep you guys updated on this breach as we get more information.