Update: March 25, 2022 at 12:30pm ET
We have received confirmation from Okta that NinjaOne was NOT in the list of impacted customers.
— Original post: March 22, 2022 at 5pm ET —
Today, March 22, news broke that identity authentication provider Okta was investigating claims that it had been compromised by the extortionist group LAPSUS$.
Steps we're taking
NinjaOne uses Okta internally as one of the many tools we use to function as a business. As such, the situation has been elevated to our management, security, and privacy teams at the highest levels. We have requested additional information from Okta, and while we do not believe Ninja has been impacted by this incident at this time, we are actively investigating and monitoring the situation closely.
We will update this blog post if and as more information becomes available.
In the meantime, if you're a Ninja customer and you have any questions please reach out to your account manager or email [email protected]
If you're an Okta customer the following external resources provide investigation and response recommendations for your own environments: