Microsoft discloses an alarming breach by Russian state-backed hackers, exposing a more significant intrusion into the tech giant’s systems than previously disclosed in January. The hackers, suspected of espionage campaigns linked to the Kremlin, accessed core software systems and utilized stolen information from corporate email systems to infiltrate Microsoft’s source code repositories and internal systems.
In a filing with the US Securities and Exchange Commission, Microsoft states that source code, the vital foundation of software programs, is a coveted target for corporations and espionage efforts. Those with access to source code can leverage it for subsequent attacks on other systems, raising concerns about the potential consequences of this breach.
This incident follows the January revelation, coinciding with a similar breach at Hewlett Packard Enterprise by the same hackers. Although the exact purpose of the hacking activity remains unclear, experts note the group’s history of extensive intelligence gathering campaigns in support of the Kremlin.
The hacking group, previously implicated in the SolarWinds breach of several US agency email systems in 2020, had prolonged access to unclassified email accounts at departments like Homeland Security and Justice. The group is attributed to Russia’s foreign intelligence service, a claim denied by Russia.
Since the 2020 hack, these Russian hackers persist in breaching widely-used tech firms, enhancing their espionage campaigns. Microsoft emphasizes that, to date, there’s no evidence of compromise in customer-facing systems hosted by the company. Stay informed for further updates on this evolving cybersecurity incident.
