Okta's Investigation of LAPSUS$ Update

Auvik is still monitoring the status of Okta’s response.

Okta latest public statements:
https://www.okta.com/blog/

If you have any remaining questions or concerns, please contact support@auvik.com.

At Auvik, transparency with our clients and maintaining our customers' trust is critical to who we are. As you’ve likely heard in the news, Okta released a statement on March 22nd, 2022 regarding a security incident that may have affected their customers. Auvik leverages Okta as an authentication partner for access to the Auvik application and for our own internal authentication. Since the news broke on Okta in the early hours of March 22nd, our team has been investigating and evaluating if there was any impact to Auvik or our customers.

According to the Okta statement release:
“The potential impact to Okta customers is limited to the access that support engineers have. These engineers are unable to create or delete users, or download customer databases. Support engineers do have access to limited data - for example, Jira tickets and lists of users - that were seen in the screenshots. Support engineers are also able to facilitate the resetting of passwords and multi-factor authentication factors for users, but are unable to obtain those passwords.”

At 8:20 pm ET on March 23rd, we received confirmation from Okta that one of Auvik’s Okta instances used for internal purposes may have been serviced by the third-party customer support provider during the five-day time period indicated in Okta’s blog post.

This is up-to-date information and we have been told that a more detailed report will come shortly, and we are in continual communication with Okta in order to expedite the receipt of additional information.

The scope appears to be limited to a subset of internal users, with no Auvik employee accounts compromised. The potentially impacted systems have no access to customer accounts or customer data, and no customer accounts have been affected to our knowledge. Our own logs do not show any signs of potentially malicious behavior from January, when the Okta Security team were first alerted, to the present time.

The security of our users is paramount to us here at Auvik, and we will always act in your best interest. Our team continues to monitor the situation and will take action as any further guidance from Okta becomes available.

If you have any remaining questions or concerns, please contact support@auvik.com.


Okta Statement: https://www.okta.com/blog/2022/03/updated-okta-statement-on-lapsus/