According to Reuters, a "highly sophisticated hacking group" caused alarm at Microsoft after it managed to break into the highly sensitive database. At the time, Microsoft has not disclosed the attack, but Reuters reports that five former employees have confirmed the breach occurred.
As reported by Reuters, Microsoft first caught wind of the breach in 2013 after a series of breaches were discovered at Apple, Twitter, Facebook, and other tech companies. The group behind the attack, referred to as Morpho, Butterfly, or Wild Neutron, managed to break into Mac computers used by employees, leveraging them to move on to Microsoft's company networks. In a February 22, 2013, statement, Microsoft confirmed the attack but did not mention that its bug database had been breached.
According to the employees interviewed by Reuters, the flaws likely were fixed "within months of the hack." Though, as Reuters reports, the database was protected with "little more than a password" before the breach, Microsoft bolstered later bolstered security by "walling the database off from the corporate network and requiring two authentications for access."
Still, the hack was cause for much concern because bugs found in the database could have been potentially used in attacks elsewhere before they were patched. According to the report, Microsoft was not able to determine whether the breach had an impact when cross-referencing hacking attacks with bugs in the database at the time of the hack.
The possibility could not be ruled out, however, as Microsoft relied on automated reports from crashes to track attacks, according to Reuters. That's potentially problematic because it doesn't account for attacks that don't result in crashes, and machines containing highly sensitive information may not allow automatic reporting.
Dan Thorp-Lancaster is the Editor in Chief for Windows Central. He began working with Windows Central as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl. Got a hot tip? Send it to email@example.com.
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.