Straitstimes.com header logo

Russian hackers of US govt agencies viewed Microsoft's source code, firm says

Sign up now: Get ST's newsletters delivered to your inbox

Google Preferred Source badge
WASHINGTON • Microsoft has said the far-reaching Russian hack of US government agencies and private corporations went further into its network than the company had previously understood.
While the hackers, suspected to be working for Russia's SVR intelligence agency, did not appear to use Microsoft's systems to attack other victims, they were able to view Microsoft source code by accessing an employee account, the company said on Thursday.
Source code - the underlying set of instructions that run a piece of software or operating system - is typically among a tech firm's most closely guarded secrets.
Microsoft said the hackers were unable to access e-mails or its products and services, and that they were not able to modify the source code they viewed.
It did not say how long hackers were inside its networks or which products' source code had been viewed. Microsoft had initially said it was not breached in the attack.
Three sources briefed on the matter said the firm had known for days that the source code had been accessed.
A Microsoft spokesman said security employees had been working around the clock and that when there is actionable information to share, they have published and shared it.
The hack, which may be ongoing, appears to have begun as far back as October 2019. That was when hackers first breached the Texas company SolarWinds, which provides technology monitoring services to government agencies and 425 of the Fortune 500 companies.
The compromised software was then used to penetrate the US Commerce, Treasury, State and Energy departments, as well as FireEye, a top cyber-security firm that first revealed the breach last month.
Investigators are still trying to understand what the hackers stole, and ongoing investigations suggest the attack is more widespread than initially believed.
In the past week, CrowdStrike, a FireEye competitor, announced that it too had been targeted, unsuccessfully, by the same attackers. In that case, the hackers used Microsoft resellers - companies that sell software on Microsoft's behalf - to try to access its systems.
In its blog post, Microsoft said it had found no evidence of access to production services or customer data. "The investigation, which is ongoing, has also found no indications that our systems were used to attack others."
REUTERS, NYTIMES
See more on

Microsoft

Hacking

E-paper

Newsletters

Podcasts

RSS Feed

About Us

Terms & Conditions

Personal Data Protection Notice

Need help? Reach us here.

Advertise with us

Download the app

Get unlimited access to exclusive stories and incisive insights from the ST newsroom
Subscribe Placeholder
MDDI (P) 046/10/2025. Published by SPH Media Limited, Co. Regn. No.202120748H. Copyright © 2026 SPH Media Limited. All rights reserved.