Microsoft has finally acknowledged the attack and theft of source code by the Lapsus$ group (tracked as DEV-0537). According to the announcement, a single user account was compromised to gain limited access to their systems and source code. The public confirmation which Microsoft published late Tuesday (March 22, 2022) not only includes details about the attack on Microsoft, but also some detailed information about the TTPs (tactics, techniques, and procedures) used by the group.