Recently the hacking group Lapsus$ claimed that it hacked Microsoft and also posted partial source code of Bing, Bing Maps, and Cortana in an archive. After investigation, Microsoft confirmed that it was hacked and parts of the source code were accessed.
Lapsus$ screenshots of hacked Microsoft’s Azure DevOps server on their Telegram channel and later released a torrent for a 9 GB 7zip containing source code of over 250 Microsoft projects. They claimed that they have access to 90% of the source code for Bing.
According to Microsoft Threat Intelligence Center, hackers compromised one of their employees and got access to limited access source code repositories.
“No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity,” explained Microsoft in a blog post about the Lapsus$ threat actors.
The company claims that leaked source code isn’t severe enough to cause a big risk to the company.
Lapsus$ is really active these days and is known for hacking Okta, Samsung, Ubisoft, and Nvidia. Now they are linked to Microsoft’s hack.
This group also doesn’t clear its traces and also openly boasts about its activities on social media. They basically use social engineering attacks to steal credentials and hack into organizations.