Microsoft and Okta are investigating the issue while LAPSUS$ hackers have leaked GBs worth of data apparently including the source code of Cortana and Bing.
LAPSUS$ hackers are claiming to have breached Microsoft and steal a trove of data. The group is also claiming to have access to several DevOps accounts belonging to Microsoft Azure, which, if confirmed, could be this year’s biggest cybersecurity incident.
Who are LAPSUS$ hackers
Reportedly, LAPSUS$ is a Brazilian hacking group that was behind Samsung, Ubisoft, and Nvidia data breaches in the last couple of weeks. Over the weekend, the hackers posted a screenshot on its Telegram channel revealing that they had accessed internal Microsoft systems.
One of the screenshots appeared to be from an Azure DevOps account, a product that Microsoft offers that allows developers to collaborate on projects. However, minutes later, the post was deleted, and the gang posted another message that read: “Deleted for now will repost later.”
Projects Listed in the Deleted Screenshot:
The projects listed in the screenshot posted by the LAPSUS$ group include the following:
Bing CubatorCreative AuthoringBing_UX: Bing.com frontend (SNR) + other relevant UX codebaseCortana: Main Cortana project, including related code, and work items.Bing Source Code: Main project that stores the entire