Microsoft and authentication firm Okta reported that hacker group Lapsus$ has breached their networks and stole their data.
Microsoft wrote in their security blog that a group that it called itself DEV-0537 breached “a single account” and stole parts of source code for some of its products.
Microsoft said it was investigating how the breach occurred and that they have already observed Lapsus$ activities in the past few weeks.
“Over time, we have improved our ability to track this actor and helped customers minimize the impact of active intrusions and in some cases worked with impacted organizations to stop attacks prior to data theft or destructive actions,” said Microsoft.
Lapsus$ later leaked 37GB of source code stolen from Microsoft’s Azure DevOps server including Microsoft projects, including for Bing, Cortana, and Bing Maps.
Lapsus also$ disclosed leaks from Okta and published user data compromised from the company.
Okta recently confirmed the breach but did not state the actual extent of the damage.
Okta said that the breach occurred after a customer support engineer working for a third-party contractor had his computer compromised.
Lapsus$ said that Okta was not being transparent about the leak and that
© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.