On Thursday, Microsoft stated that SolarWinds supply chain hackers succeeded in break into Microsoft’s internal network and obtained access to a few internal accounts. These accounts were used to access Microsoft source code repositories.
The Windows OS maker stated that the hackers did not do any modifications to the repositories. They just accessed it to obtain access to production systems, client data, or utilize Microsoft products to attack Microsoft clients.
The news arrives as an update to the company’s internal investigation into the SolarWinds event. Microsoft posted this update today on its blog.
Microsoft put stress on the point that in spite of viewing some of their source code, the threat actors didn’t execute any attack to obtain access to the production systems, client data or utilize Microsoft products to execute an attack on Microsoft’s clients.
Source Code: Source code is an underlying set of instructions that executes a part of software or an Operating System (OS).
Microsoft priorly, confirmed breach in SolarWinds Supply Chain Hack.
It is unclear how much or what components of Microsoft’s source code repositories the hackers were capable to access, however, the disclosure hints that the hackers who utilized software company SolarWinds as a medium to invade into sensitive US government networks also had an interest in exploring the internal workings of Microsoft products as well.
Tait and Ronen Slavin, Cycode’s chief technology officer stated a fundamental vexed question which was source code repositories were reached. Microsoft has a wide set of products, from broadly utilized Windows to not much know or less popular software like social networking app Yammer and the design app Sway.
Subscribe to our newsletter for the latest security news right from the security and research industries.