Threat Awareness – Microsoft and Okta Investigating Data Leaks

The cybercriminal group Lapsus$ claims to have successfully compromised Microsoft’s internal Azure DevOps server and stolen source code for Bing, Cortana virtual assistant, and other projects. Yesterday, the threat actors leaked around 40 Gb of data stolen from Microsoft and claimed to have targeted LGE corporation and identity and access management company Okta. Lapsus$ is a data extortion cyber group that compromises business networks to steal source code, customer lists, databases, and other valuable data. In recent months, the group has claimed to have compromised large firms such as NVIDIA, Samsung, Vodafone, Ubisoft, and Mercado Libre. Some security researchers believe Lapsus$ is paying company employees for insider access. Read more at SecurityWeek or at BleepingComputer.