Microsoft and Okta are investigating potential attacks by the Lapsus$ hacking group

Attackers reportedly obtained source code for Bing, Bing Maps and Cortana.

Sponsored Links

Kris Holt
March 22, 2022 8:05 AM
Microsoft France headquarters entrance in Issy les Moulineaux near Paris
Jean-Luc Ichard via Getty Images

Microsoft and identity authentication company Okta are both investigating potential attacks that may have been carried out by the South American hacking group Lapsus$. The collective claims to have stolen source code for Bing, Cortana and internal Microsoft projects from a server.

Lapsus$ released a torrent on Monday that's said to contain 37GB of source code for around 250 projects, according to BleepingComputer. The group claims the data includes 90 percent of Bing's source code and 45 percent of Cortana and Bing Maps code. Other affected projects seem to include websites, mobile apps and web-based infrastructure.

The leaks reportedly contain internal emails and documentation related to published mobile apps. The torrent is not believed to include code for desktop software such as Windows or Microsoft Office. 

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

"“We are aware of the claims and are investigating," a Microsoft spokesperson told Engadget.

The same group has also targeted Okta, though the company says it has not yet found evidence of a new breach following an incident in January.

"In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors," an Okta spokesperson told Engadget. "The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January."

Lapsus$ posted screenshots of what it claimed was Okta’s internal systems. As The Wall Street Journal reports, the hackers claimed not to have accessed or obtained data on Okta itself and were focused on the company's customers, which include Cloudflare, Grubhub, Peloton, Sonos, T-Mobile and Engadget parent Yahoo.

The hacking group has attacked other high-profile targets in recent weeks, including NVIDIA, Samsung and Ubisoft. NVIDIA confirmed that hackers obtained company data in February, while Lapsus$ claimed to have leaked 190GB of Samsung data.

Update 3/22 8:45AM ET: Added Microsoft's statement.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget