The company has confirmed that the group, which it calls DEV-0537, compromised “a single account” and stole parts of source code for some of its products. A blog post on its security site says Microsoft investigators have been tracking the Lapsus$ group for weeks and details some of their methods to compromise victims’ systems.
Microsoft maintains that the leaked code is not severe enough to cause an elevation of risk and that its response teams shut down the hackers mid-operation.
As a reminder, Microsoft claimed attackers would access source code after the SolarWinds hack.
Why do we care?
Everyone is going to get hit, even Microsoft. Frankly, I think they are on their game, and I have no reason to distrust them here besides general sentiments of zero trust.
Worthy of tracking the hit, and particularly following Lapsus$.