Okta says screenshots revealing hack stem from January incident

Okta, an online identity authentication service used by thousands of U.S. companies to protect their computer networks, said a purported breach of its systems is related to an earlier incident this year. There are no signs of a current threat to Okta as a result of that event, the company told CBS MoneyWatch.

Okta's comment comes after a group calling itself Lapsus$ posted screenshots of what they claimed was the company's internal environment through the messenger service Telegram. They added, "For a service that powers authentication systems to many of the largest corporations (and FEDRAMP approved) I think these security measures are pretty poor." FedRAMP stands for the Federal Risk and Authorization Management Program, which oversees the use of cloud-based programs for federal agencies. 

A hack at Okta could pose risks for corporations and workers, given that the service is used by more than 15,000 organizations. According to security firm Check Point Software, Lapsus$ is a cybercriminal group based in Brazil that has boasted about breaking into companies such as Nvidia, Samsung and Ubisoft. It is unclear how Lapsus$ hacked into those businesses, the firm added.