Οι hackers που πραγματοποίησαν την επίθεση στην SolarWinds κατάφεραν να αποκτήσουν πρόσβαση στο εσωτερικό δίκτυο της Microsoft and gain access to a small number of internal accounts, which were used to access the source repositories code the company's.
The news came from the company itself on Thursday.
Microsoft said the attackers did not make any changes to the accessed repositories because the compromised accounts were only allowed to display the code.
The company stressed that, despite displaying some points of the source code, hackers were unable to gain access to production systems, customer data or Microsoft products to attack the company's customers.
The Redmond-based company says its investigation is ongoing.
Microsoft admitted on December 17 that it was using SolarWinds Orion, a platform monitorings, in its internal network.
It was one of thousands of companies they discovered malware on their networks, which were created through infected Orion updates.
Of course, Microsoft denies that the hackers saw the internal source code repositories, claiming that this is not important.
"At Microsoft, we have an internal source approach - we use best open source software development practices.
This means that we do not rely on source code for product security and the security models we use assume that intruders already know the source code. ”