The hacking group lapsus $ posted a file that it claimed contains partial source code for Bing and Cortana in an archive holding nearly 37GB of data.

Microsoft confirmed the group that it calls dev-0537 compromised’without a single account’. On Tuesday evening, after investigating, Microsoft confirmed that it called dev-0537 compromised. The group stole parts of source code for some of its products.

Microsoft maintains that the leaked code is not severe enough to cause an elevation of risk. Its response teams shut down the hackers mid-operation.

Group says it’s had access to data from Okta, Samsung, and Ubisoft, as well as Nvidia and now Microsoft.

The actor made public claims that they gained access to Microsoft. No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised.

Microsoft does not rely on secrecy of code as a security measure. Viewing source code does not lead to elevation of risk. Our team was already investigating the compromised account based on threat intelligence.

Lapsus $ claims it only got around 45 percent of Bing and Cortana, and 90 percent of the code for Bing Maps. The latter feels like a less valuable target than the other two, even if Microsoft was worried about its source code revealing vulnerabilities.