According to Reuters, a "highly sophisticated hacking group" caused alarm at Microsoft after it managed to break into the highly sensitive database. At the time, Microsoft has not disclosed the attack, but Reuters reports that five former employees have confirmed the breach occurred.
As reported by Reuters, Microsoft first caught wind of the breach in 2013 after a series of breaches were discovered at Apple, Twitter, Facebook, and other tech companies. The group behind the attack, referred to as Morpho, Butterfly, or Wild Neutron, managed to break into Mac computers used by employees, leveraging them to move on to Microsoft's company networks. In a February 22, 2013, statement, Microsoft confirmed the attack but did not mention that its bug database had been breached.
As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion. We found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected, and our investigation is ongoing.
According to the employees interviewed by Reuters, the flaws likely were fixed "within months of the hack." Though, as Reuters reports, the database was protected with "little more than a password" before the breach, Microsoft bolstered later bolstered security by "walling the database off from the corporate network and requiring two authentications for access."
Still, the hack was cause for much concern because bugs found in the database could have been potentially used in attacks elsewhere before they were patched. According to the report, Microsoft was not able to determine whether the breach had an impact when cross-referencing hacking attacks with bugs in the database at the time of the hack.
These people said the study concluded that even though the bugs in the database were used in ensuing hacking attacks, the perpetrators could have gotten the information elsewhere.
The possibility could not be ruled out, however, as Microsoft relied on automated reports from crashes to track attacks, according to Reuters. That's potentially problematic because it doesn't account for attacks that don't result in crashes, and machines containing highly sensitive information may not allow automatic reporting.
Review: Samsung Galaxy Book S brings amazing battery life, tough keyboard
Samsung's Galaxy Book S runs the latest Qualcomm Snapdragon 8cx ARM processor. With a slick, slim design and weighing just 2.1lbs how does this ultra-light laptop handle office productivity? With exceptionally good battery life and that always-on 4G LTE we have some thoughts in our latest review.
The games on Xbox Cloud Gaming that need touch controls
Minecraft Dungeons proved that touch controls and cloud streaming games can work, so we put together a list of the games we think need touch controls as soon as possible.
Join us LIVE for the Windows Central Video Podcast today at 2:30PM ET
We're LIVE with the Windows Central Video Podcast today at 2:30pm ET, make sure you're there!
These are the best upgrades for your Prusa Mk3 3D printer
The Prusa Mk3 is one of the best 3D printers you can buy right now, but even the best can be made better. Here are some of our favorite upgrades for the Mk3.