Microsoft confirms hacking group stole source code via 'limited access'

Shawn Knight

In brief: Microsoft has confirmed claims made earlier this week by hacking group Lapsus$ that it was the victim of a cybersecurity incident. Redmond seemingly dismissed the matter as no big deal, noting it was already looking into the issue before the group went public and downplaying the importance of secure source code.

A blog post addressing the matter notes that Microsoft's investigation found that a single account had been compromised, which granted the attacker "limited access." According to Microsoft, its team was already investigating the compromised account when Lapsus$ publicly disclosed the intrusion.

If you recall, the group released a dump earlier this week containing around 37GB worth of Microsoft data. The haul reportedly included portions of source code for Bing, Bing Maps and Cortana.

Microsoft said it "does not rely on the secrecy of code as a security measure," adding that viewing source code does not lead to an elevation of risk.

Microsoft also touched on some of the group's preferred tactics, many of which aren't all that common among threat actors. Examples include phone-based social engineering, SIM-swapping, accessing personal e-mail accounts and even paying employees, suppliers or business partners of target organizations for access to credentials or multi-factor authentication (MFA) approval.

Redmond additionally provided tips that organizations and individuals can use to protect themselves, including using MFA, avoiding phone-based MFA methods and leveraging passwordless authentication like Windows Hello, Microsoft Authenticator or FIDO tokens.

Lapsus$ has been extremely busy this year, having already hit big tech targets including Nvidia, Samsung and Vodafone. Authentication firm Okta has also fallen victim, with the company updating its statement to confirm that around 2.5 percent of its clients have potentially been impacted and that their data may have been viewed or "acted upon."

Image credit Aktar Hossain


Goamist

If Microsoft doesn't rely on the secrecy of its source code, does that mean that we can hope for a release of (some of) its proprietary code to the public? Can one dare to dream? :D
 

captaincranky

What the heck happened here?

Was M$ using "unsupported by Windows 11" CPUs in their servers?
Didn't they have TPM 2.0 active in their systems?

I mean, for a company preaching "security, security, security" to sell the latest edition of their bloatware, you'd think they'd be able to lock down their own systems.