Portland News

Breach by Hacker Group Lapsus$, Microsoft Confirms

Microsoft confirmed on Tuesday that one of its accounts was breached by the hacker group Lapsus$. The breach resulted in “limited access” to company systems but not to the data of any Microsoft customers.

“Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity,” Microsoft said in a blog post.

Microsoft was prompted to confirm the breach after Lapsus$ claimed credit for compromising Okta, the digital identity management firm. Following an investigation into Lapsus$’s claims, Okta acknowledged on Tuesday that there had been a breach in January linked to one of Okta’s outside contractors.

Lapsus$ previously claimed to have breached chip giant Nvidia. Nvidia also confirmed a breach to CNN earlier this month.

After Lapsus$ claimed that it had stolen Microsoft source code, Microsoft clarified on Tuesday that its approach to risk management means possessing the code would not benefit the hackers even if they had managed to access it.

“Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk,” Microsoft said.

Microsoft added that the techniques Lapsus$ used in the attack on company systems were similar to those Microsoft has observed the group using against other targets.

Microsoft said that Lapsus$ has sought to steal individual user credentials in the past to gain access to an organization or corporate network. Then, the group would comb through office collaboration tools such as SharePoint, Teams, and Slack to discover other users on the network whose accounts could be targeted to deepen the compromise.

Microsoft added that Lapsus$ has even been known to listen in on victims’ conference calls in which the breach response is discussed.

Microsoft described Lapsus$ as having a sophisticated grasp of technology supply chains and an understanding of how to use one organization’s relationship with, or reliance on, another. In addition to tech, telecom, and IT support firms, Lapsus$ has “also been observed targeting government entities, manufacturing, higher education, energy, retailers, and healthcare,” Microsoft said.
