Yesterday, we reported that Lapsus$ had access to Microsoft’s internal DevOps system. Through this access, Lapsus$ was able to download part of the source code belonging to Bing, Bing Maps and Cortana. Today, Microsoft confirmed that Lapsus$ had gained access to an internal DevOps system and exfiltrated portions of source code.
The good news is that no customer code or data was involved in the Lapsus$ intrusion. As per Microsoft’s investigation, a single account was compromised, granting limited access. Microsoft quickly remediated the compromised account to prevent further activity.
“Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion. This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact.”
Microsoft also mentioned that it does not rely on the secrecy of code as a security measure and that viewing source code does not lead to an elevation of security risk.
Microsoft also posted recommendations for improving cloud security posture within organizations to prevent such security breaches. You can read them at the source link below.