Microsoft Says SolarWinds Hackers Downloaded Some Azure, Exchange, and Intune Source Code

Microsoft's security team said today it has formally completed its investigation into its SolarWinds-related breach and found no evidence that hackers abused its internal systems or official products to pivot and attack end-users and business customers. From a report: The OS maker began investigating the breach in mid-December after it was discovered that Russian-linked hackers breached software vendor SolarWinds and inserted malware inside the Orion IT monitoring platform, a product that Microsoft had also deployed internally. In a blog post published on December 31, Microsoft said it discovered that hackers used the access they gained through the SolarWinds Orion app to pivot to Microsoft's internal network, where they accessed the source code of several internal projects. 'Our analysis shows the first viewing of a file in a source repository was in late November and ended when we secured the affected accounts,' the company said today, in its final report into the SolarWinds-related breach.

Read more of this story at Slashdot.