According to a notorious hacker outfit, they have taken 37 GB of data. Known for claiming to have hacked Nvidia, Samsung, and more, Lapsus$ announced this week that it has also hacked Microsoft. In an archive containing roughly 37GB of data, the organisation shared a file that it claimed included partial source code for Bing and Cortana.
37 GB of Bing, Bing Maps, and Cortana source code may have been taken from Microsoft during a cyberattack. Maybe it’s true; Microsoft has yet to corroborate the data theft, which was reported over the weekend by a gang of hackers going by the name Lapsus$, who claim to be from Brazil.
However, the group’s prior claims of hacking into Nvidia, Samsung and Ubisoft’s networks have been confirmed to be accurate. Okta, a supplier of single sign-on for businesses, announced today that Lapsus$ had really gained access to its systems by obtaining a password from a user.
Sunday (March 20) saw the appearance of screenshots purportedly taken from a Microsoft Azure DevOps cloud server, which included the previously listed things. Many additional Microsoft assets may have been hacked, since the image only revealed a portion of an alphabetized list of projects.
As of Monday (March 21), Bleeping Computer reports that the Lapsus$ group has released what seems to be 37 GB of web- and mobile-based features and applications in a 9 GB compressed bundle. Bleeping Computer stated the files seemed to be genuine, despite the lack of desktop applications like Windows or Microsoft Office.
When it comes to the end user, it isn’t obvious whether Microsoft had many gigabytes of source code taken or not.
Lapsus$ breach may have included authentic Microsoft digital-signature certificates that might be used to develop malware that may bypass Microsoft’s defences, according to a French security researcher called Soufiane Tahiri.
Will Dormann of the CERT Coordination Center of the United States government, on the other hand, wasn’t so confident.
Until Microsoft acknowledges the loss of data, we’ll have to wait to see whether thieves start using the information revealed by the allegedly stolen data. When we hear back from Microsoft, we’ll be sure to update this article.
Many other organisations can learn from what Microsoft has done in its blog post, including requiring multifactor authentication, not using “weak” methods like text messages or secondary email, educating team members about the dangers of social engineering, and developing processes to deal with Lapsus$-style attacks. Microsoft also said it will continue to watch Lapsus$ and keep an eye out for any assaults on Microsoft customers that it may carry out.