Microsoft, one of the most high-profile targets of the alleged Russian-linked hacking group behind the recent SolarWinds cyber-intrusion, announced Thursday that the spies were able to access some of the company’s source code used to build software products,
The good news for the tech giant is that no damage was seemingly done according to the Seattle-based company.
“We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” Microsoft wrote Thursday in an update on the hack. “The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made.”
Thousands of corporations and government agencies were affected by the cyber-espionage operation, which inserted malicious code into Austin-based Solarwinds’ flagship software product to peer into the central networks of companies and the government.
U.S. officials have blamed Russia, but the Kremlin has denied involvement.
The company said that besides its own code, its investigation “found no evidence of access to production services or customer data” and “also found no indications that our systems were used to attack others.”
Microsoft did not immediately respond to a request for comment Thursday.
Solarwinds said 18,000 customers were affected by the hack, including many Fortune 500 companies and numerous government agencies.
The massive operation was uncovered earlier this month when the cybersecurity firm FireEye revealed that it had been hacked. FireEye CEO Kevin Mandia said the attack was “by a nation with top-tier offensive capabilities.”
“They are highly trained in operational security and executed with discipline and focus,” he wrote in a blog post on Dec. 8th.
“They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.”
Meanwhile, Solar Winds has taken a hit since news of the attack broke. In the last month, the company’s stock has dropped more than 34%. In addition, the likes of Truist Securities and Baird have both downgraded SolarWinds stock from a buy to hold with both also anticipating stock price targets dropping to around $15. The stock closed on New Year’s Eve at $14.85 a share.