Identity Authentication as a Service

Cloud is a solution for everything. Databases, Message-Queues, Storage, Loadbalancing, everything. You’ll leverage somebody else’s Computer to run your workload, you’ll store data to help your business scale. Even Identity Authentication as a Service is a thing.

Well, until the remote provider gets hacked. This is in particular bad if the provider offers authentication and has employee credentials.

And it looks like Okta has fallen victim to Lapsus, a Russian Ransomware Group. At this point, this appears unconfirmed. But it will be a lot of trouble, way beyond Decembers Log4J RCE, if true.