Lawrence Abrams reports:
In a new blog post published tonight, Microsoft has confirmed that one of their employee’s accounts was compromised by Lapsus$, providing limited access to source code repositories.
“No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity,” explained Microsoft in an advisory about the Lapsus$ threat actors.
Read more at BleepingComputer.