Microsoft in an official blog post revealed that one of its employees’ accounts was hacked, and that’s how the Lapsus$ gang attained the company’s internal data.
Earlier this week, the Lapsus$ gang has leaked the source code of Bing apps, Cortana, and several other applications belonging to Microsoft, through a breached Azure DevOps server. Securing the compromised employee account, Microsoft listed how Lapsus$ works and tips on thwarting it.
Microsoft Falls Prey to Lapsus$
On Sunday morning, the raging Lapsus$ group announced stealing source code data from Microsoft, to which the victim company said it’s investigating the issue . And just yesterday, the Lapsus$ gang shared a torrent link to let everyone download the stolen Microsoft data!
The dump contained source code of various Microsoft applications like Bing Search, Cortana, and Bing Maps, which the Lapsus$ claimed to have obtained from an Azure DevOps server. Now, Microsoft has confirmed that one of its employee’s accounts was compromised, and that’s how the threat actor has obtained this data.
LAPSUS$ extortion group has released source code to Bing, Bing Maps, and Microsoft Cortana. They state that each release is incomplete (not the entire source code). — vx-underground (@vxunderground) March 22, 2022
