Microsoft admitted that the SolarWinds hackers were able to acquire its codes for three of its big products. These are specifically Azure, Intune, and Exchange. Although this might seem a big issue, consumers don't have to worry about it since the online attackers were not able to access Microsoft's customer data. 

Microsoft Admits SolarWinds Acquires Three Codes of Its Big Products: Azure, Intune, and Exchange
(Photo : Photo by Adam Berry/Getty Images)
BERLIN, GERMANY - DECEMBER 27: A participant looks at lines of code on a laptop on the first day of the 28th Chaos Communication Congress (28C3) - Behind Enemy Lines computer hacker conference on December 27, 2011 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants.

According to Engadget's latest report, Microsoft already investigated the SolarWinds attack after it discovered unusual online activity in its systems previously in December 2020. And now, ZDNet reported that Microsoft announced the investigation has been completed. 

The tech giant company said that they found no evidence that the cybercriminals abused its official products or internal systems to shift and attack Microsoft's regular consumers and business customers. 

"Our analysis shows the first viewing of a file in a source repository was in late November and ended when we secured the affected accounts," said Microsoft via ZDNet

Microsoft codes that SolarWinds attackers breached 

Based on the company's investigation, Microsoft said that the online attackers focused on locating access tokens that they can use to widen their access to other Microsoft systems. The tech giant company added that the hackers were able to download some of its codes for big its three big products. 

Microsoft Admits SolarWinds Acquires Three Codes of Its Big Products: Azure, Intune, and Exchange
(Photo : Photo by Adam Berry/Getty Images)
BERLIN, GERMANY - DECEMBER 27: A particpant checks a circuit board next to an oscilloscope on the first day of the 28th Chaos Communication Congress (28C3) - Behind Enemy Lines computer hacker conference on December 27, 2011 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants.

Also Read: SHAREit Could Completely Leak Your Personal Info! Experts Claim Its Security Bugs Are Still Unpatched

However, the company confirmed that the data was not extensive and that the intruders only downloaded the source code of a few components linked to Azure, Intune, and Exchange, which are cloud-based products. 
Here are codes that the breached repositories contained; 

  • a small subset of Intune components
  • a small subset of Exchange components
  • a small subset of Azure components (subsets of service, security, identity)

Some researchers stated that the previous SolarWinds attack appears to have no damage on Microsoft's products. They also stated that it didn't provide hackers extensive access to user data.  

Did SolarWinds affects 100 U.S. companies? 

The White House team, which lead the investigation against the SolarWinds breach, concluded that the massive attack also affected 100 U.S. companies, which could lead to another feature hacking attack. 

Anne Neuberger, deputy national security advisor for Cyber and Emerging Technology at the White House, said that SolarWinds hackers also attacked 100 private sectors U.S. organizations. 

"Many of the private sector compromises are technology companies including networks of companies whose products could be used to launch additional intrusions," she said. As of the moment, there is still some info that Microsoft hasn't discovered yet regarding the previous massive breach. 

For more news updates about SolarWinds and other massive online breaches, always keep your tabs open here at TechTimes.  

Related Article: More Than a Thousand Developers Hack SolarWinds Hack, Says Microsoft

This article is owned by TechTimes.

Written by: Giuliano de Leon.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion