Microsoft said that the hacker group Lapsus$ acquired “limited access” to its systems, following a claim by the group that it acquired source code for the Bing search engine and Cortana voice assistant.
The software giant had been tracking the activities of Lapsus$, which it labels a “large-scale social engineering and extortion campaign” for several weeks and provided some details on the methods of its attacks in a blog post late Tuesday. Lapsus$ had previously broken the cybersecurity shields of Nvidia Corp, and this week also claimed to have acquired access to the system privileges of Okta which is the San Francisco-based company that manages user authentication services for thousands of corporate clients.
After this Microsoft said, “Our investigation has found a single account had been compromised, granting limited access,”. “Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity.
Microsoft does not depend on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.”