Hackers who recently managed to break into large companies and government agencies via SolarWinds software have also seen the source code of Microsoft products. The company says the attackers were unable to adjust those.
In the hack on Microsoft, the hackers did manage to loot information, the company writes in a blog post. Microsoft was one of the companies affected by the December supply chain attack on SolarWinds. In that attack, a group of hackers from presumably Russia managed to break into various US ministries, government agencies and companies. This was done by infecting an update to network monitoring software Orion. Microsoft said at the time that the hackers had also penetrated the systems of that company, but that no information was stolen.
Now, after more research, Microsoft says that the hackers did have access to certain data. This includes the source code of some products, although the company does not say which software is involved. The hackers would have taken over several internal accounts, one of which has looked up the source codes. That account, according to Microsoft, had no permissions to modify code. Microsoft does not write whether that code has also been exported.
Microsoft says it uses an innersource approach to writing code. As a result, according to the company, all employees can view all code. “Within our threat model, we assume that hackers can view our source code,” the company writes. Microsoft says customer data has not been stolen and no SAML tokens have been stolen as some other SolarWinds victims have done.