A blog post addressing the matter notes that Microsoft’s investigation uncovered a single account had been compromised, which granted the attacker “limited access.” According to Microsoft, their team was already investigating the compromised account when Lapsus$ publicly disclosed the intrusion.
If you recall, the group released a dump earlier this week containing around 37GB worth of Microsoft data. The haul reportedly included portions of source code for Bing, Bing Maps and Cortana.