British police say seven people arrested after Okta hack

San Francisco-based Okta Inc, whose authentication services are used by some of the world’s biggest companies to provide access to their networks said on Tuesday that it had been hit by hackers and that some customers may have been affected.

“The City of London Police has been conducting an investigation with its partners into members of a hacking group,” Detective Inspector Michael O’Sullivan said in an emailed statement in response to a question about the Lapsus$ hacking group.

The ransom-seeking gang had posted a series of screenshots of Okta’s internal communications on their Telegram channel late on Monday.
“Seven people between the ages of 16 and 21 have been arrested in connection with this investigation and have all been released under investigation,” O’Sullivan said.

News of the digital breach had knocked Okta shares down about 11 percent amid criticism of the digital authentication firm’s slow response to the intrusion.

City of London Police did not directly name Lapsus$ in its statement. A spokeswoman said none of the seven people arrested had been formally charged, pending investigation.

Lapsus$ have not responded to repeated requests for comment on their Telegram channel and by email. Last month, Lapsus$ leaked proprietary information about U.S. chipmaker Nvidia Corp to the Web.

More recently the group has purported to have leaked source code from several big tech firms, including Microsoft.
In a blog post published Tuesday and devoted to Lapsus$, the software firm confirmed that one of its accounts had been compromised, “gaining limited access.”