Security News > 2022 > March > Microsoft investigates Lapsus$'s boasts of Bing, Cortana code heist

Microsoft investigates Lapsus$'s boasts of Bing, Cortana code heist
2022-03-21 19:53

The Lapsus$ extortion gang briefly alleged over the weekend it had compromised Microsoft.

"We are aware of the claims and are investigating," a Microsoft spokesperson told The Register on Monday.

The screenshot shows internal projects including Bing and Cortana's source code, and ??WebXT compliance engineering projects.

"Normally you wouldn't give credibility to a snapshot," tweeted Alvieri, "But Lapsus has breached Samsung, Impresa, Mercado Libre, Ubisoft, and Nvidia." The researcher said Microsoft and Vodafone have allegedly been hit, adding that the brag about the Windows giant seems "Credible so far and reputation is at stake."

Perhaps Microsoft should have fought a little harder for Mandiant before Google scooped it up for $5.4bn. The suspected Microsoft intrusion follows a series of high-profile sorties by Lapsus$, which, until recently, was best known for meddling with Brazil's Ministry of Health and Portuguese media outlets SIC Noticias and Expresso.

"We are investigating the claim together with law enforcement, and at this point we cannot comment on the credibility of the claim," a Voda spokesperson told CNBC. "However, what we can say is that generally the types of repositories referenced in the claim contain proprietary source code and do not contain customer data." .


News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/21/microsoft_lapsus_breach_probe/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2820 161 4400