A Russian hacker gained access to several core software systems of Microsoft in a hack last January. According to Microsoft’s admission on Friday (8/3), there were broader and more serious anomalies within Microsoft’s systems that were previously unknown.
The company believes the hackers in recent weeks have been using information stolen from Microsoft’s email systems.
“(The hackers accessed) several source code repositories and internal company systems,” Microsoft told the US Securities and Exchange Commission on Friday (8/3).
Source code is often coveted by companies – and spies attempting to breach them. This is because it contains the secrets of software programs that make them function.
Hackers with access to source code can use it for further attacks on other systems.
Microsoft first disclosed the breach in January, a few days before another major technology company, Hewlett Packard Enterprise, said the same hackers had breached its cloud-based email systems.
It is not yet known exactly what the hackers’ objectives were and to what extent they infiltrated the core systems. However, experts say the hacker group is responsible for gathering intelligence data and is affiliated with the Kremlin.
The hacker group is said to be behind the breach of several US agency email systems that was uncovered in 2020.
The hackers had control of the systems for months, accessing unclassified email accounts belonging to the Department of Homeland Security.
US officials have linked the hacker group to Russian foreign intelligence services. However, the Kremlin has denied involvement in the operation.
Years since the 2020 breach, Russian hackers continue to breach technology companies widely used as part of their espionage campaigns.
In activities described on Friday, the hackers are suspected of using information stolen from Microsoft “to gather an overview of areas to attack and enhance their ability to do so,” the company said in a blog post accompanying the SEC filing.
“So far we have not found evidence that systems related to Microsoft-hosted customers have been compromised,” Microsoft said.
