%Microsoft ($MSFT) has confirmed that it was breached by the hacker group Lapsus$, adding to the cyber gang’s growing list of corporate victims.
In a blog post, Microsoft confirmed that Lapsus$ had compromised one of its accounts, resulting in “limited access” to company systems but not the data of any Microsoft customers.
“Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity,” Microsoft said in the post.
Microsoft’s disclosure comes after Lapsus$ claimed credit for compromising Okta (OKTA), the widely used digital identity management firm. Okta has acknowledged that hundreds of its customers may have been affected by a breach in January linked to one of Okta’s outside contractors.
Lapsus$ previously claimed to have breached semiconductor giant %Nvidia ($NVDA). Nvidia confirmed a breach earlier this month.
Addressing claims by Lapsus$ that the group had stolen Microsoft source code, the technology giant said that Microsoft’s approach to risk management means the possession of the code would not benefit the hackers even if they had managed to access it.
“Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk,” Microsoft said in the blog post.
Separately, it is being reported that a 16-year-old from Oxford, England is one of the leaders of the Lapsus$ cybergang. The teenager, who is alleged to have amassed $14 million U.S. from hacking, has been named by rival hackers online.
City of London Police say they have arrested seven teenagers in relation to the Lapsus$ gang but have not identified any of the people arrested.