https://techmonitor.ai/technology/cybersecurity/microsoft-confirms-lapsus-breach-and-reveals-hacking-groups-tactics

Microsoft has confirmed that hacking group Lapsus$ successfully compromised an employee's user account and stole code, days after the group boasted that it had infiltrated the software giant. No customer data or code was affected, Microsoft says, and the operation was interrupted by its security team. The company made the admission in a blog post describing Lapsus$'s tactics, and offering guidance on how to protect against them.

Microsoft says its cybersecurity team was already investigating the intrusion when, on Sunday, Lapsus$ boasted it had compromised an employee account and stolen source code from the company. "This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact," the company wrote in its blog post. "Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity."