On March 22, identity and access management company Okta disclosed the account compromise of a third-party customer support engineer that occurred in January 2022. LAPSUS$ claimed responsibility for the hack and in an attempt to substantiate their claims, released screenshots of tools that would only be available to Okta employees. Those screenshots included a ticket from Okta’s Jira cloud instance accessed via Okta's own identity service.
Atlassian does not use Okta as an identity provider and while LAPSUS$ may have been able to access Okta’s Atlassian products, Atlassian has found no evidence of a compromise to our systems or cloud products. However, if your company has any integration with Okta, we ask that you reach out to Okta for more information regarding the disclosed incident and perform your own investigation if necessary.
We will continue to monitor the situation as it evolves and provide updates as necessary.
5 comments