The Microsoft source code breach may be much bigger than we thought

37GB of Microsoft’s internal source code has been leaked online by the Lapsus$ group

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

After allegedly gaining access toMicrosoft’s Azure DevOps source code repositories over the weekend, the South American-based data extortion hacking groupLapsus$has now made some of the company’s internal files available online.

In a recent post on Telegram, the group shared a screenshot of Microsoft’s Azure DevOps account to show that they had hacked one of the company’s servers which contained the source code forBing,Cortanaand a number of other internal projects.

Now though, Lapsus$ has made the source code for over 250 Microsoft projects available online in a 9GB torrent. According to the group, the torrent itself contains 90 percent of the source code forBingand 45 percent of the source code for both Bing Maps and Cortana.

We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a£100 Amazon gift card(or equivalent in USD). Thank you for taking part.

Click here to start the survey in a new window«

While Lapsus$ says that they only leaked some of Microsoft’s source code, security researchers that spoke withBleepingComputersay that the uncompressed archive actually contains 37GB of projects. After examining the contents of the torrent more closely, the security researchers are confident that the leaked files are legitimate internal source code from the company.

Paying for access

In addition to internal source code, some of the leaked projects contain emails and other documentation that was used internally by Microsoft engineers working on mobile apps. The projects themselves all appear to be related to web-based infrastructure, websites or mobile apps and at this time, it seems that Lapsus$ did not steal any source code for Microsoft’s desktop software such asWindows 11, Windows Server andMicrosoft Office.

Microsoft may be the latest victim but over the past few months, the Lapsus$ group has made a name for itself by successfully attackingNvidia,Samsung, Vodafone, Ubisoft and Mercado Libre.

Okta reportedly hit in serious breach - Lapsus$ strikes again?

Nvidia hackers hit Samsung and leak huge data dump

Ubisoft fans need to change their passwords now

While it’s still unknown as to how the group has managed to target the source code repositories of so many big companies in such a short time, some security researchers believe Lapsus$ is paying corporate insiders for access. In fact, in a previous post on its fast-growingTelegramchannel, the group said that it actively recruits employees and insiders at telecoms, large software and gaming companies, call centers anddedicated server hostingproviders.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Besides recruitment, Lapsus$ also uses its Telegram channel to announce new leaks and attacks as well as for self-promotion. The group has already amassed close to 40k subscribers on the platform which it even uses to chat with its fans.

Now that the Lapsus$ group has gained a great deal of notoriety online, expect law enforcement agencies and even large companies like Microsoft to begin taking action to disrupt its activities before it strikes again.

ViaBleepingComputer

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well