The software giant, Microsoft, was hacked by the online criminal collective known as the Lapsus Hackers. Lapsus took to social media to post a screen capture of the attack, making it clear that its team was deserving of what it considers to be acclaim. The hack is one of several inflicted on Microsoft in recent years.
The hackers used Azure DevOps, an abbreviation short for development operations, to take the screen capture. However, the use of the DevOps software made by Microsoft is only the tip of the iceberg regarding the magnitude of the offensive. There are also signs that Cortana, Bing, and additional projects were also manipulated during the attack. The extent of the hackers' database access is unknown.
This breach occurred in March 2022.
The breach impacts Microsoft, yet the software giant insists hackers did not access its customer data. If the company is telling the truth, the threat actors controlled only one account. The question is how much information was accessed before the threat was identified. If the infiltration reached the depth where it caused significant harm, it will manifest as identity theft in the ensuing months.
Microsoft has not revealed the full extent of the access, likely because it is attempting to save face in the aftermath of this embarrassing breach. If the hackers delved deeply into the company’s internal databases, they likely accessed the information of thousands of Microsoft customers. To read more about this breach, read Microsoft Has Patched an Azure AD Vulnerability.