Security News > 2020 > December > Microsoft identifies 40+ victims of SolarWinds hack, 80% from US
After the malicious Orion upgrades were installed on the systems of thousands of SolarWinds customers, Microsoft President Brad Smith said that the suspected Russian hacking group were able to "Pick and choose" targets of interest already compromised organizations.
Based on information gathered while investigating the still ongoing hacking campaign, Microsoft has notified the over 40 organizations that were "Targeted more precisely and compromised through additional and sophisticated measures."
80% of the identified victims are located in the United States and the rest of 20% is spread over seven other countries including Canada, Mexico, Belgium, Spain, the United Kingdom, Israel, and the UAE. A heat map of all Microsoft customers that were hit in the SolarWinds supply chain attack after installing the backdoor tracked as Solarigate or Sunburst via the compromised Orion auto-update mechanism.
The US government targets breached following the SolarWinds hack coordinate finance, national security, health, and telecommunications sectors, while government contractor victims are focused on supporting defense and national security organizations.
SolarWinds' list of 300,000 customers [1, 2] includes over 425 US Fortune 500 companies, all top ten US telecom companies, and US government agencies including the US Military, the US Pentagon, the US Department of Justice, the State Department, NASA, NSA, Postal Service, NOAA, and the Office of the President of the United States, some of which have already been confirmed as hacked.