Microsoft might be the victim of a data breach after a screenshot of an internal developer account was leaked

It seems that Microsoft has become the latest victim of the notorious cyber extortion group known as Lapsus$ following a data breach. Microsoft has yet to confirm any details as the company is currently investigating this matter.  

The possibility of a data breach was suggested over the weekend when a screenshot of an internal developer account was leaked on the Telegram channel belonging to Lapsus$. The screenshot in question is of an internal Azure DevOps account, which is used by Microsoft software developers to collaborate on projects. Some notable projects that can be identified are “Bing_UX,” “Bing-Source,” and “Cortana.” For those unfamiliar, Bing is Microsoft’s search engine while Cortana is the company’s virtual smart assistant like Siri.

Other projects were more obscure like “mscomdev,” “microsoft,” and “msblox.” But the key takeaway here is that whoever took the screenshot has access to multiple projects.

However, the screenshot has since been removed from the Telegram channel, presumably by the channel moderator. After that, a message that reads “Deleted for now will repost later” was shared to channel followers. Since the data breach, Lapsus$ has yet to make any public demands against Microsoft.  

Motherboard, a tech media publication reached out to Microsoft via email for comment on Sunday. A spokesperson replied saying “We are aware of the claims and are investigating.”

Coincidentally, the data breach comes after Lapsus$ posted “job vacancies” on the 10th of March on their Telegram channel. The job advertisement read “We recruit employees/insider at the following!!!!” and included a list of telecommunication firms, large software or gaming companies, and data hosts. But it seems that the extortion gang specifically highlighted Apple, IBM and Microsoft as interested companies.

The job posting ended with an elaboration that they weren’t looking for data, but instead for rogue employees to help them gain access into the company’s servers via VPN or Citrix.

Stefano De Blasi, a cyber threat research analyst at cybersecurity firm Digital Shadows, told Motherboard that Lapsus$ operates unlike any other cyber extortion gang. Commonly, a cyber extortion gang will deploy ransomware that will encrypt the data of the company, blocking access to it. If the company meets the demands of the gang, the access will be restored.

Lapsus$ differs from this by actually stealing confidential data and threatening to release it if their demands are not met.

This observation was made based on the gang’s previous targets. In February 2022, Lapsus$ hacked its way into Nvidia’s internal servers and stole confidential information. The Verge reported the gang demanded that Nividia make its GPU drivers open-source and remove a restriction on its 30-series graphics cards that affected Ethereum mining.

In the following month, the extortion gang targeted Samsung by stealing multiple source codes related to trusted applets installed in Samsung’s TrustZone environment, algorithms for biometric unlock operations and bootloader source. In addition, it was also believed that the gang got their hands on sensitive data from Qualcomm as well. However, it’s still unknown if any demands were made in exchange for the stolen data.

[ SOURCE , IMAGE SOURCE ]

Recent Posts

Denza Z9 GT now in Malaysia for RM359k: Luxury sports EV with 600km of range

Denza Z9 GT is now officially in Malaysia after it was first demonstrated here over…

9 hours ago

Huawei MatePad Air 2026 with 144Hz PaperMatte OLED screen, six speakers previewed in Malaysia: Here’s what we know

Aside from launching the Huawei Pura 90s series, Huawei Malaysia also unveiled the MatePad Air…

12 hours ago

Gentari drops DC fast charging prices at select locations across Peninsular Malaysia

Gentari has announced a price cut for selected DC chargers across Peninsular Malaysia. EV owners…

15 hours ago

Gentari’s Ayer Hitam EV Charging Hub now upgraded with 7 DC Charge Points

Petronas Bandar Baru Ayer Hitam is one of the most popular EV charging hubs for…

22 hours ago

Proton Saga Cross AMA02 spotted undergoing testing at Federal Highway

We spotted a camouflaged car at Federal Highway earlier today that might be the new…

1 day ago

Huawei Pura 90s series arrives in Malaysia from RM3,699. Pro Max version gets a 200MP telephoto camera

Huawei has officially launched the Pura 90s series in Malaysia, its latest flagship camera phones…

2 days ago

This website uses cookies.