Microsoft is reportedly becoming a member of the rising listing of victims of the SolarWinds hack


Microsoft was hacked by the same group that compromised the networks of software maker SolarWinds and several federal agencies, Reuters reported, citing people familiar with the matter.

In response to the report, Microsoft said it had detected a backdoor version of SolarWinds software on its network but found no evidence that the company's production system was compromised or customer data was accessed.

In a statement by Microsoft spokesman Frank X. Shaw, company officials wrote:

Like other SolarWinds customers, we have been actively looking for indicators for this actor and can confirm that we have discovered harmful SolarWinds binaries in our environment that we have isolated and removed. We did not find any evidence of access to production services or customer data. Our ongoing investigations have found absolutely no evidence that our systems have been used to attack anyone.

While the statement did not indicate that no part of the Microsoft network had been compromised, it did challenge key parts of Reuters reporting.


Quoting the same people, Reuters said that after the hackers broke Microsoft, they used Microsoft's own products in follow-up hacks against others. It wasn't immediately clear how many Microsoft users were affected or what Microsoft products were being used. Microsoft representatives did not immediately return an email requesting a comment.

Microsoft is just one of the recent additions to a rapidly growing list of victims of the far-reaching and advanced hack reportedly sponsored by the Russian government. Politico reported that the US Department of Energy and the National Nuclear Security Administration had evidence that the same hackers had accessed their networks. Bloomberg News said three unidentified US states were hacked in the same campaign. The Intercept meanwhile said the hackers had been in the city of Austin, Texas, for months.

The rapidly unfolding revelations highlight the skill, discipline, and resources that the hackers possessed. In a warning posted on Thursday, the Cybersecurity Infrastructure and Security Agency said the hacks pose a "serious risk" to US governments at all levels.

New details are expected to be available in the next few hours. This history will be updated as necessary.


Steven Gregory