Lapsus$ Breached Okta Using Spreadsheet Of Passwords

Lapsus$ was able to infiltrate Okta’s internal system after accessing a spreadsheet of passwords on compromised Sitel’s internal network.

Sitel discovered the security incident in its VPN gateways on a legacy network belonging to Sykes, a customer service company working for Okta and acquired by Sitel in 2021.

The attackers used remote access services and publicly accessible hacking tools to compromise and navigate through Sitel’s network.

After gaining deeper visibility into the network, the hackers were able to gain access to a spreadsheet on Sitel’s internal network called “DomAdmins-LastPass.xlsx.”

The spreadsheet file contained passwords for domain administrator accounts that were exported from a Sitel employee’s LastPass password manager.

The hackers created a new Sykes user account that gives them broad access to the organization and helps keep them within the system in case they were discovered and locked out.

For more information, read the original story in TechCrunch.

Lapsus$ Breached Okta Using Spreadsheet Of Passwords

Top Stories

Toyota confirms leak of 240GB of sensitive data in recent hack

Former Google CEO Eric Schmidt makes controversial comments

Study says 94% of spreadsheets contain critical errors

Google anti-trust ruling a financial disaster for Firefox

Related Articles

Microsoft Pledges to Shield European Cloud Services Amid Rising Geopolitical Tensions

DOGE Accused of Creating Massive Surveillance System Under Musk-Led Trump Administration

Is the U.S. Undermining Its Tech Leadership? Visa Crackdowns and China’s Academic Surge Raise Concerns

US Bank Regulator Hacked – Sensitive Banking Info Stolen

Jim Love

Follow Us

Popular categories

Tech News Delivered