Microsoft reveals SolarWinds hackers were able to access its source code


The hacking group behind the SolarWinds compromise was able to break into Microsoft and access some of the company’s source code, Microsoft said Thursday.

In a blog post, the company said its investigation had turned up irregularities with a “small number of internal accounts” and that one of the accounts “had been used to view source code in a number of source code repositories.”

The disclosure adds to the ever-growing picture of the compromises associated with the SolarWinds hack, which used the Texas-based company’s flagship network monitoring software as a springboard to break into the sensitive US government networks and other tech companies. Microsoft had already disclosed that like other firms, it found malicious versions of SolarWinds’ software inside its network, but the source code disclosure is new.

A company’s source code — the underlying set of instructions that run a piece of software or an operating system — is typically among its most closely guarded secrets.

It is not clear how many or specifically which source code repositories the hackers were able to access. A Microsoft spokesman declined to elaborate on the blog post.

Microsoft said the hijacked account did not have the ability to modify any Microsoft code. The blog post further added it has found no evidence of access “to production services or customer data.”

“The investigation, which is ongoing, has also found no indications that our systems were used to attack others,” it said.