Cyber Resilience

Okta (US)

Threat actors publicly named in connection with targeting Okta. Sorted by IDF score (rarity-weighted CVE attribution) with extraction confidence as tiebreaker. Each row's evidence is a verbatim quote from the source attribution.

2 attributed actor(s) · Category mix: hacktivist=1, unknown=1 · Attacker regions: International=1, —=1

Actor Category Sponsor Confidence Evidence CVEs IDF Last active
Scattered Spider (G1015)unknown0.90obtain administrator access in Okta, AWS, and Office 365.11.22026
LAPSUS$ (hacktivist persona) (HACK-LAPSUS-HACKTIVIST)hacktivist0.95claiming high-profile breaches at Microsoft, NVIDIA, Samsung, Okta00.0

Sibling victims

Other named victims whose attacker circle overlaps with this one — defenders use this to find sectoral or geographic cohorts that face the same actors.

« All victims  ·  All actors  ·  Browse by sector  ·  Recent breach notifications