The hackers behind one of the worst breaches in US history read and downloaded some Microsoft source code, but there’s no evidence they were able to access production servers or customer data, Microsoft said on Thursday. The software maker also said it found no evidence the hackers used the Microsoft compromise to attack customers.
Microsoft released those findings after completing an investigation it began in December after learning its network had been compromised. The breach was part of a wide-ranging hack that compromised the distribution system for the widely used Orion network-management software from SolarWinds and pushed out malicious updates to Microsoft and roughly 18,000 other customers.
The hackers then used the updates to compromise nine federal agencies and about 100 private-sector companies, the White House said on Wednesday. The federal government has said that the hackers were likely backed by the Kremlin.
In a post Thursday morning, Microsoft said it had completed its investigation into the hack of its network.
“Our analysis shows the first viewing of a file in a source repository was in late November and ended when we secured the affected accounts,” Thursday’s report stated. “We continued to see unsuccessful attempts at access by the actor into early January 2021, when the attempts stopped.”
first revealed the SolarWinds compromise and the resulting software supply chain attack on its customers. Other organizations hit included Malwarebytes, Mimecast, and the US departments of Energy, Commerce, Treasury, and Homeland Security.