Microsoft says it is looking into claims that the Lapsus$ data extortion hacking group gained access to its internal Azure DevOps source code repositories and stole data.