Microsoft confirms it was hacked after releasing 37GB of sensitive data

Microsoft was hacked by a gang of hackers. After stealing data from Nvidia and Samsung, the hacking group managed to gain access to Microsoft servers. The attackers kept 37 GB of sensitive data, including source code from Bing or Cortana. The company, however, claims that no user was affected by the attack and that its teams managed to stop the data extortion.

microsoft hacked

Update March 23, 2022

Inside a long blog post, Microsoft confirms to have been hacked by LAPSU$. Initially, the Redmond firm seeks to reassure. she assures that “no client code or data was involved in the observed activities” and that the hack is not big enough to cause harm to users. He also explains that only one company account was compromised, giving hackers access to sensitive data. In addition, the publication of these documents allowed Microsoft “to intervene and interrupt the actor in the middle of the operation, thus limiting a broader impact.” As explained in our article, LAPSU$ did not ask for a ransom, as it could for Nvidia. Microsoft sees this as the action of a group”motivated by theft and destruction.

Article of March 22, 2022

Microsoft has been the victim of a hack, our colleagues at Bleeping Computer report. By gaining access to an Azure server, the Lapsus$ hacker group claims to have gained access to the source code of Bing, the voice assistant Cortana and other projects developed by the company’s teams.

In recent weeks, Lapsus$ has already taken on several tech giants. In early March, the group of pirates managed to break into Nvidia servers to steal sensitive documents. In exchange for their silence, the gang demanded an end to all limitations preventing cryptocurrency mining with graphics cards. Shortly after, the group stole 190 GB of data from Samsung servers.

The hackers allegedly received help from a Microsoft employee

During the Microsoft hack, Lapsus$ took over 37 GB of sensitive data owned by Microsoft. This time, the group did not demand a ransom from the company. This Monday, March 21, 2022, Lapsus$ published all the data stolen during the attack on the web.

Shared in the Telegram conversion of the gang, the torrent file contains information about 250 projects signed by Microsoft. According to the hackers, the file contains 100% of the source code of Bing and around 45% of the source code of Bing Maps (alternative to Google Maps) and Cortana. It also contains the code for web frameworks, websites, and mobile applications.

The experts, interviewed by Bleeping Computer, analyzed the leaked data to confirm its authenticity. Experts have also found internal emails exchanged between Microsoft employees in the File.

Also read: Microsoft offers a promotion to users who have pirated the Office suite

According to investigators interviewed by the media, it is likely that Lapsus$ had the help of accomplices within the firm. Contacted by the media, Microsoft claims to be aware of Lapsus$’s claims. The American giant claims to have opened an investigation to clarify the matter.

Source : computer beep

Leave a Comment