Lapsus group claims to have breached several Microsoft DevOps accounts

According to chatter on Reddit and a report over on Cyber Kendra, Microsoft's DevOps accounts have been breached by the LAPSUS$ (Lapsus) group, the same group responsible for hacking Samsung and threatening to release propriatary code from Vodafone earlier this year.

Lapsus Microsoft breach

The screenshot, which was released by Lapsus on Telegram and then quickly deleted, was saved by Cyber Kendra, the group claims to have access to several of Microsoft's DevOps resources. According to the report the post was deleted after a couple of minutes, with a message "Deleted for now will repost later".

The following DevOps resources can be seen:

  • Bing_STC-SV: Project contains the source code for various Bing engineering projects in the Silicon Valley office
  • Bing_Test_Agile: This is the test project for Bing using the Agile template.
  • Bing_UX: frontend (SNR) and other related UX codebase
  • Bing Cubator
  • Bing Source Code: The central project for storing all of Bing Source Code.
  • Compliance_Engineering: WebXT Compliance Engineering team project.
  • Cortana: The main Cortana project, its related code, and work items.
  • Creative Authoring

It must be noted that only the top portion of the page in the image can be seen, so any number of resources could be breached. We'll update this post as more information becomes available.

Source: Cyber Kendra | Reddit | Telegram

Report a problem with article
ebook offer
Next Article

Data Center & Infrastructure Report: Key Findings and Trends for 2022

The original Windows 10 Boot Screen
Previous Article

Here is the earliest Easter egg found in Windows 1.0 and 2.X

Join the conversation!

Login or Sign Up to read and post a comment.

4 Comments - Add comment