SolarWinds attackers downloaded source code from Microsoft’s Azure, Intune, and Exchange

While the SolarWinds attackers managed to download portions of the source code of three Microsoft services, they did not gain access to customer data.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

What you need to know

Microsoft recently completed its internal investigation of theSolarWindsattack. The investigation concluded that the people behind the attack did not gain access to customer data. The hackers did, however, manage to download a portion of the source code for Microsoft’s Azure, Intune, and Exchange services.

Microsoft states in ablog post:

We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidence of access to production services or customer data. The investigation also found no indications that our systems at Microsoft were used to attack others. Because of our defense-in-depth protections, the actor was also not able to gain access to privileged credentials or leverage the SAML techniques against our corporate domains.

Microsoft also details that the attacks were able to download part of the source code of three of its products:

The attackers were likely seeking to find secrets based on the search terms that they used. Microsoft explains that it does not keep secrets in its code and that it uses automated tools to verify compliance with its rules related to this.

Microsoft President Brad Smith recently said that the SolarWinds attack was probably the “largest and most sophisticated attack the world has ever seen.” The attacks targeted government agencies, NVIDIA, Intel, Cisco, Belkin, and other organizations.

The US government believes that Russia was behind the attack, though that’s not confirmed at this point.

Get the Windows Central Newsletter

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He’s covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean’s journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.