Microsoft has reportedly been hacked by Lapsus$ 

Reading time icon 2 min. read

Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Microsoft Building

Microsoft has reportedly been stuck by hacking group Lapsus$, who recently absconded with data from Samsung and Nvidia.

According to the Lapsus$ group, who boasted about their latest data heist on their Telegram channel, the hackers made off with 37GB’s of the source code to Bing, Cortana, Bing Maps, and other internal Microsoft projects. 

In response to this supposed data breach, a Microsoft spokesperson has told the media that they “are aware of the claims and are investigating,” (via Engadget). 

Unlike the Lapsus$ group’s previous attacks on Nvidia, in which the collective tried to blackmail the graphics card manufacturer into removing cryptocurrency mining limiters from its GPUs, there have not been any demands made to Microsoft from Lapsus$, so it is unclear just why the group carried out this attack.

While Microsoft is still investigating this data breach, it definitely seems like Lapsus$ made off with a good deal of data thanks to screenshots the group posted via Telegram. As spotted by Motherboard the group showcased a screenshot of an internal Microsoft developer account which showed they had access to “Bing_UX,” “Bing-Source,” “Cortana,” “mscomdev,” and “msblox.”

Lapsus$ Microsoft
The, incredibly small and blurry, screenshot uploaded by Lapsus$ to Telegram. Via Motherboard.

Luckily for users, it’s likely that Lapsus$ did not target user data within this data breach, as their usual MO focused around pinching valuable source code and then threatening to leak it if their demands aren’t met. 

We most recently saw this with Lapsus$’s attack on Samsung, in which, as Samsung themselves confirmed, the breach involved “some source codes relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees.”

More about the topics: hack, Lapsus$, microsoft