Microsoft says systems were exposed in massive SolarWinds hack
Microsoft’s systems were exposed as part of the suspected Russian cybersecurity hack that targeted SolarWinds and hit multiple government agencies, people familiar with the matter told Reuters.
The people told the newswire that Microsoft’s own products were used to further attacks on others. It’s unclear how many Microsoft users were affected.
CNBC noted that multiple government agencies use Office 365, including the Department of Defense.
Microsoft spokesperson Frank Shaw said in a statement posted to Twitter that the company had detected malicious SolarWind binaries, which it removed. It has not found evidence of “access to production services or customer data.”
“Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.”
Dozens of federal agencies had been breached earlier this year as part of the cyberattack on SolarWinds. The Cybersecurity and Infrastructure Security Agency issued an alert detailing the attack on Thursday, in which it warned that it posed a “grave risk” to federal and state governments, as well as private sector organizations.