Microsoft Data Breach 2022 by LAPSUS

Microsoft is likely the latest victim of hacking group LAPSUS$, the same gang that hacked Samsung and Nvidia, after a sensitive screenshot has prompted the tech giant to investigate.

Microsoft Hacked by LAPSUS

As per a news story by Gizmodo, Microsoft has started its investigation of earlier claims saying that the extortion hacking group LAPSUS$ reportedly accessed the system of the tech giant.

It comes after the hacking group shared a sensitive screenshot on its Telegram accounts showing some information that appears to be from the cloud computing division of Microsoft.

The screenshots on the Telegram channel of LAPSUS$ include information that seems to be from the developer account of Azure.

The leak specifically includes source code mentioning "Cortana," "Bing-Source," and "Bing_UX," which could suggest that it involves the virtual assistant of Microsoft.


However, Gizmodo noted in the same news story that the Telegram channel of the hacking gang has already deleted the sensitive screenshots regarding Microsoft that it previously posted.


Still, LAPSUS$ went on to say that it deleted them only "for now" and that the group will be reposting the screenshots "later."

Microsoft Investigation

Meanwhile, Microsoft confirmed in its latest statement that it is aware of the recent claims, adding that it is already investigating the potential hacking incident.

According to a recent report by Bleeping Computer, Microsoft has yet to confirm whether the developer account for Azure has been compromised in a recent hack.

LAPSUS$ Hacking and Extortion

That said, Microsoft only confirmed that it is investigating claims saying that its systems were hacked.

It is worth noting that LAPSUS$ is known for hacking and extorting massive tech firms after accessing their sensitive data.


One of the latest extortion incidents involving LAPSUS$ was its recent Nvidia hack, in which the group made an odd demand that did not involve any money.


Instead, in a populist move, the hackers demanded that Nvidia make its GPU drivers open-source. On top of that, the extortion group also asked the giant tech firm to remove the Ethereum cryptocurrency mining limiters from its Nvidia 30 graphics cards.

Microsoft, for its part, did not mention any demands that the hacking group might have made of it.


The extortion group has yet to demand anything from the business software titan, though LAPSUS$ has, in past attacks, asked for payment and held sensitive information as blackmail. In the case of Nvidia, the group threatened to release stolen internal data unless GPU drivers were made open source and Ethereum cryptocurrency mining limiters were removed from Nvidia 30-series graphics cards.


LAPSUS$ is reportedly on a recruiting mission to get employees to cough up sensitive info. It wrote, “We recruit employees/insider at the following!!!!” on March 10, then followed the statement with a list of companies it would like to infiltrate, which included Apple, IBM, and Microsoft.


“TO NOTE: WE ARE NOT LOOKING FOR DATA, WE ARE LOOKING FOR THE EMPLOYEE TO PROVIDE US A VPN OR CITRIX TO THE NETWORK, or some anydesk,” the group wrote in a message.


What makes LAPSUS$ unique among hacking gangs is its use of Telegram to establish a social media presence and give it a public voice. The group wants notoriety. And instead of conducting ransomware attacks by blocking systems with encryption, LAPSUS$ threatens to leak information it has already stolen unless the victim sends it money.


LAPSUS$ is a relative newcomer. Its first suspected campaigns were against Brazilian and Portuguese companies at the end of last year, beginning with Brazil’s health ministry, the Portuguese media company Impresa, and South American telecoms Claro and Embratel. The hacking group, which claims to be motivated only by money, has gained confidence and widened its ambitions after its attacks against giants Nvidia and Samsung.
