There have been numerous high-profile cyber-attacks in recent years, such as the Apple iCloud scandal and Yahoo’s email breach. A new report shows that Microsoft suffered its own major breach over four years ago. The company did not make the attack public, but dealt with it behind closed doors.
According to five former Microsoft employees, the company suffered an attack on its internal database for tracking bugs in software. A highly sophisticated cybercrime group broke through the security, making this only the second time such a corporate database has been breached.
Speaking to Reuters, the former employees say the database in question held vulnerability information for Microsoft’s leading software offerings, such as Windows.
Once the breach was known, Microsoft acted quickly and fixed the issue. From hack to fix, the employees say the process took months. However, the company was worried about the sensitivity of the data, which was a treasure trove that could have led to further attacks.
“Bad guys with inside access to that information would literally have a ‘skeleton key’ for hundreds of millions of computers around the world,” said Eric Rosenbach, who was U.S. deputy assistant secretary of defence for cyber during the breach.
Given those concerns, the employees say Microsoft checked whether the stolen data had been used for further breaches. Luckily, the company did not find evidence that the information had been used further. Microsoft also responded by shoring up the database, specifically making sure it is no longer on the corporate network.
Database Breach Legacy
While this breach has been and gone, it is an important revelation. As I mentioned, this is only the second such database attack. The only other confirmed instance of a breach was a 2015 attack on the Mozilla Foundation, the non-profit behind the Firefox browser.
The company confirmed a hacking group accessed a database holding 10 severe and unpatched flaws.
It is worrying that databases can be breached, but arguably more concerning is that Microsoft has covered up such attacks. Are we in a situation where the company has been attacked many times and not made it public?