Microsoft investigates Lapsus$'s boasts of Bing, Cortana code heist

2022-03-21 19:53

The Lapsus$ extortion gang briefly alleged over the weekend it had compromised Microsoft.

"We are aware of the claims and are investigating," a Microsoft spokesperson told The Register on Monday.

The screenshot shows internal projects including Bing and Cortana's source code, and ??WebXT compliance engineering projects.

"Normally you wouldn't give credibility to a snapshot," tweeted Alvieri, "But Lapsus has breached Samsung, Impresa, Mercado Libre, Ubisoft, and Nvidia." The researcher said Microsoft and Vodafone have allegedly been hit, adding that the brag about the Windows giant seems "Credible so far and reputation is at stake."

Perhaps Microsoft should have fought a little harder for Mandiant before Google scooped it up for $5.4bn. The suspected Microsoft intrusion follows a series of high-profile sorties by Lapsus$, which, until recently, was best known for meddling with Brazil's Ministry of Health and Portuguese media outlets SIC Noticias and Expresso.

"We are investigating the claim together with law enforcement, and at this point we cannot comment on the credibility of the claim," a Voda spokesperson told CNBC. "However, what we can say is that generally the types of repositories referenced in the claim contain proprietary source code and do not contain customer data." .

News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/21/microsoft_lapsus_breach_probe/

#cortana #heist #lapsus #microsoft

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		480	75	2308	5127	264	7774