Microsoft published a blog post detailing the activities, techniques and tactics of the hackers (Lapsus$ group), which the company tracks as DEV-0537.
According to Microsoft, the group initially targeted organizations in South America and the United Kingdom, but it has now expanded to global targets in various sectors, including government, telecom, tech, media, healthcare and retail. The hackers have also targeted the cryptocurrency exchange accounts of individual users.
Okta said the breach impacted roughly 2.5% of its customers — the company has 15,000 customers so that means nearly 400 are impacted. A threat group calling itself Lapsus$ announced recently that it had gained access to the source code of Microsoft products such as Bing and Cortana.