Lapsus$ targeted Microsoft, Samsung, Okta, Nvidia

Microsoft published a detailed cybersecurity blog confirming that its systems were breached by the hacker group Lapsus$. The post also states that Microsoft has observed a common thread of tactics being deployed to hack into the computer systems and networks of multiple organizations.

The response comes after other prominent companies such as Nvidia, Samsung, Ubisoft, Okta, etc were believed to have been targeted by the same group. Okta had initially denied a breach, but later released a statement saying it believed that close to 366 of its customers were likely impacted.

What is Lapsus$?

South America-based Lapsus$ is known for publicly posting details about their hacks and sharing screenshots of stolen data on platforms such as Telegram and Twitter. Here’s a look at what this latest cybersecurity issue is all about.

How was Microsoft hacked?

The Lapsus$ group claimed that it has stolen data from Microsoft, adding that it had accessed source code for core Microsoft products Bing, Cortana, and Bing Maps. Microsoft, however, said that while no customer code or data was involved, their investigation found that a single account was compromised, thus granting limited access to the hackers.

The statement added, “Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity.” The company said it does not view the secrecy of source code as a security threat and that viewing it does not mean an increased risk to products.