Security News > 2020 > December > Microsoft confirms breach in SolarWinds hack, denies infecting others
Microsoft has confirmed that they were hacked in the recent SolarWinds attacks but denied that their software was compromised in a supply-chain attack to infect customers.
Tonight, Reuters released a report stating that sources indicated that Microsoft was not only compromised in the SolarWinds supply-chain attack but also had their software modified to distribute malicious files to its clients.
In a statement to BleepingComputer, Microsoft confirmed that they detected malicious SolarWinds binaries in their environment but denies that their systems were used to compromise customers.
"Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others," Microsoft told BleepingComputer.
It is reported that a Russian hacking group has allegedly attacked the City of Austin, but there is no indication that they are related to the SolarWinds breach.
News URL
Related news
- Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack (source)
- CISA investigates critical infrastructure breach after Sisense hack (source)
- CISA orders agencies impacted by Microsoft hack to mitigate risks (source)
- U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks (source)
- Microsoft breach allowed Russian spies to steal emails from US government (source)
- Panda Restaurants discloses data breach after corporate systems hack (source)