Lapsus$ cybercriminals gained access to internal systems at Microsoft and stole and released a total of 37 gigabytes of confidential data. Access management service provider Okta has also allegedly fallen victim to a data leak.
The Lapsus$ ransomware group has reportedly released 37 gigabytes of Microsoft source code and emails. The company Okta is said to have fallen victim to the extortion group. Okta makes identity management solutions that are used in many business applications. According to Okta, there was an attempt in January to compromise a third-party provider's access - a corresponding screenshot probably came from there. There was no other suspicious activity. Microsoft announced that they were aware of the data leak and are currently conducting internal investigations into it.
Lapsus$: Microsoft and Okta are victims of the attack
Screenshots showing that the extortion group had access to Microsoft's internal systems already appeared over the weekend. In the case of Microsoft, the screenshot is dated January 21, 2022. In the past few weeks, Lapsus$ has already leaked data from companies such as Samsung or game manufacturer Ubisoft.
"Even companies that are already well positioned in the area of IT security are not an impregnable target for highly motivated attackers," says Tim Berghoff, Security Evangelist at G DATA CyberDefense. The fact that the blackmail group had already had access to the affected networks for two months makes this particularly clear - and that the group is only now going public with it does not bode well. Tim Berghoff: "It is to be expected that there will be further attacks, which can be traced back directly to information to which the perpetrators had access for several weeks in the course of the attacks. This once again confirms one of our forecasts for the year 2022: The software supply chains will come under increasing attack.”
Leak: data already published
The announcement of such leaks also makes another thing clear in an unpleasant way: At this point it is too late for countermeasures - the perpetrators already have what they wanted. And they also do offensive recruiting work, openly asking for supporters to provide access to resources for a fee.
More at GData.de
About G Data With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.