Yesterday, we learned that the hacking collective LAPSUS$ (Lapsus) had infiltrated Microsoft DevOps accounts. It also posted screenshots of Bing and Cortana repositories on Telegram and then deleted them. Meanwhile, Microsoft acknowledged reports of the cybersecurity incident and stated that it is investigating further. Lapsus is the same group that is verified to have stolen data belonging to Samsung, Nvidia, Vodafone, Okta, and Ubisoft. Now, it seems that the hacking collective has leaked the source code for several Microsoft projects.
According to Cyber Kendra, the Lapsus group has posted a link to a torrent containing Microsoft's source code for Cortana, Bing, and Bing Maps, among many other projects. The dump reportedly contains data for 258 projects and is 37GB in size. The outlet has analyzed the dump and confirmed that it does come from Microsoft. It has further relayed that the data also contains emails, signing certificates, and details about private and public keys. However, it's unclear how recent the leaked information actually is.
Alongside this, the Lapsus group has also released a text file containing logging details of LG employees and service accounts. This includes hashed passwords and usernames. It has further announced that it will leak LG's Confluence infrastructure too.
We will not link to the data dump for any company for obvious reasons. We would also recommend that users stay away from the dumps, as this matter could very well become the subject of federal investigations. The popular running theory for now is that rather than using sophisticated tooling, the Lapsus group was able to infiltrate companies by paying off contractors who basically acted as insiders, handing over access to this data. While this hasn't been confirmed by Microsoft yet, the possibility of this happening does mean that companies need to rigorously vet contractors and even full-time employees before they hire them, and also regularly keep track of logs that show activities requiring elevated privileges.