Microsoft has reportedly been stuck by hacking group Lapsus$, who recently absconded with data from Samsung and Nvidia.
According to the Lapsus$ group, who boasted about their latest data heist on their Telegram channel, the hackers made off with 37GB’s of the source code to Bing, Cortana, Bing Maps, and other internal Microsoft projects.
In response to this supposed data breach, a Microsoft spokesperson has told the media that they “are aware of the claims and are investigating,” (via Engadget).
Unlike the Lapsus$ group’s previous attacks on Nvidia, in which the collective tried to blackmail the graphics card manufacturer into removing cryptocurrency mining limiters from its GPUs, there have not been any demands made to Microsoft from Lapsus$, so it is unclear just why the group carried out this attack.
While Microsoft is still investigating this data breach, it definitely seems like Lapsus$ made off with a good deal of data thanks to screenshots the group posted via Telegram. As spotted by Motherboard the group showcased a screenshot of an internal Microsoft developer account which showed they had access to “Bing_UX,” “Bing-Source,” “Cortana,” “mscomdev,” and “msblox.”
Luckily for users, it’s likely that Lapsus$ did not target user data within this data breach, as their usual MO focused around pinching valuable source code and then threatening to leak it if their demands aren’t met.
We most recently saw this with Lapsus$’s attack on Samsung, in which, as Samsung themselves confirmed, the breach involved “some source codes relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees.”