Reports of a Microsoft breach began on last Monday when Lapsus$ posted screenshots of supposed internal software repositories at Microsoft. When Search Security contacted Microsoft for a statement Monday, the vendor said it was aware of Lapsus$'s claims and they was investigating with regards to this matter.
In a blog post on last Tuesday, Microsoft said Lapsus$ had compromised one of its accounts, resulting in "limited access" to company systems but not the data of any Microsoft customers.
The disclosure comes after Lapsus$ claimed credit for compromising Okta, the widely used digital identity management firm. On Tuesday evening, following an investigation into those claims, Okta acknowledged that hundreds of its customers may have been affected by a breach in January linked to one of Okta's outside contractors.
Lapsus$ previously claimed to have breached Nvidia. Nvidia confirmed a breach according to CNN this month.
Addressing claims by Lapsus$ that the group had stolen Microsoft source code, the technology giant said Tuesday that Microsoft's approach to risk management means the possession of the code would not benefit the hackers even if they had managed to access it.
Microsoft says they does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.
They added that the techniques Lapsus$ used in the attack on company systems were consistent with those Microsoft has observed the group using against other targets.
Lapsus$ has even been known to listen in on victims' conference calls to discuss the breach response, according to Microsoft.
Microsoft described Lapsus$ as having a sophisticated grasp of technology supply chains, understanding how to use one organization's relationships or reliance on another to its advantage.
In addition to tech, telecom and IT support firms, Lapsus$ has "also been observed targeting government entities, manufacturing, higher education, energy, retailers, and healthcare," Microsoft said.
Even companies like Microsoft and Nvidia will get breached by hackers and the data of any customers will be in the hand of the hacker, so cyber security is very important for everyone.
Need help with Cyber Security?
Call us at +65 6262 0402 or email us at firstname.lastname@example.org to get the information details on your needs.