On Monday evening, the Lapsus$ digital extortion gang published a series of increasingly shocking posts in its Telegram channel. First, the group dumped what it claims is extensive source code from Microsoft's Bing search engine, Bing Maps, and Cortana virtual assistant software. A potential breach of an organization as big and security-conscious as Microsoft would be significant in itself, but the group followed the post with something even more alarming: screenshots apparently taken on January 21 that seem to show Lapsus$ in control of an Okta administrative or "super user" account. Okta is a near-ubiquitous identity management platform used by thousands of large organizations that want to make it easy--and, crucially, secure--for their employees or partners to log in to multiple services without juggling a dozen passwords. Past breaches, like 2020's notorious Twitter meltdown, have stemmed from attackers taking over access to an administrative or support account that has the ability to modify customers' accounts.