Microsoft says the hacking group LAPSUS$, which has shared images of infiltrating Okta, was also able to attack the computer software giant.
“Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity,” the company said in a blog post. “Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.”
says the hacking group started targeting organizations in the United Kingdom and South America but expanded to global targets, including organizations in government, technology, telecom, media, retail, and healthcare sectors. Microsoft said the group also is targeting individual user accounts at cryptocurrency exchanges to drain cryptocurrency holdings.
The hacking group that Microsoft also calls DEV-0537 uses social engineering efforts to gather knowledge about their target’s business operations, the software giant said, and is motivated by “theft and destruction.”
shares fell as much as 9% on Tuesday but ended the day down just 2%.
Microsoft shares have dropped 10% this year, in line with the broader Nasdaq Composite