Security News > 2021 > February > Microsoft: SolarWinds hackers downloaded some Azure, Exchange source code
Microsoft announced today that the SolarWinds hackers gained access to source code for a limited number of Azure, Intune, and Exchange components.
After internal investigations of their use of the SolarWinds platform, Microsoft announced in December that they were affected by the attack and that hackers could gain access to a limited amount of source code repositories.
Today, Microsoft has released the final update into their investigation and determined that the hackers could only access a few files for most repositories.
For some repositories, including ones for Azure, Intune, and Exchange, the attackers could download component source code.
For a small number of repositories, there was additional access, including in some cases, downloading component source code.
Microsoft states that they have a strict development policy that prohibits storing secrets in source code and use automated tools to verify this compliance.
News URL
Related news
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Microsoft investigates global Exchange Admin Center outage (source)
- Microsoft: Exchange 2016 and 2019 reach end of support in six months (source)
- Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts (source)
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)
- Microsoft fixes Exchange Online bug flagging Gmail emails as spam (source)