Skip to main content
If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Microsoft confirms cyber attack, source code stolen

Company said that parts of the code for Bing and Cortana were compromised by hacker group

Microsoft has had partial source code pertaining to Bing and Cortana stolen as part of a cyber attack, the company has confirmed.

In a statement, the firm said that it has been "actively tracking a large-scale social engineering and extortion campaign," and has attributed the threat to hacker group Lapsus$.

The statement goes on to detail the activity it has observed from the group, which it refers to as DEV-0537, as well as sharing suggestions on how to safeguard against similar attacks.

Microsoft also speculated what it believes to be the group's motives, including "theft and destruction," and noted that said organisation has targeted other names in other sectors.

"DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads," the blog post read.

It goes on to explain that Lapsus$ likely gained access to organisations via purchasing employee credentials and multi-factor authentication (MFA) approval, using a password stealer, or searching public code for exposed credentials.

While internal resources were compromised in the hack, Microsoft highlighted that "no customer code or data was involved in the observed activities."

Microsoft said it will continue to monitor the group's activities and communicate additional insight as and when it investigates.

The group is also reportedly behind similar cyber attacks on Nvidia and Samsung, as per VGC.

Read this next

Danielle Partis avatar
Danielle Partis: Danielle is a multi award-winning journalist and editor that joined in 2021. She previously served as editor at, and is also a co-founder of games outlet Overlode.
Related topics