London Daily

Focus on the big picture.
Thursday, Jul 09, 2026

SolarWinds hackers accessed Microsoft source code, the company says

SolarWinds hackers accessed Microsoft source code, the company says

The hacking group behind the SolarWinds compromise was able to break into Microsoft Corp and access some of its source code, Microsoft said on Thursday, something experts said sent a worrying signal about the spies' ambition.
Source code - the underlying set of instructions that run a piece of software or operating system - is typically among a technology company's most closely guarded secrets and Microsoft has historically been particularly careful about protecting it.

It is not clear how much or what parts of Microsoft's source code repositories the hackers were able to access, but the disclosure suggests that the hackers who used software company SolarWinds as a springboard to break into sensitive U.S. government networks also had an interest in discovering the inner workings of Microsoft products as well.

Microsoft had already disclosed that like other firms it found malicious versions of SolarWinds' software inside its network, but the source code disclosure - made in a blog post - is new. After Reuters reported it was breached two weeks ago, Microsoft said it had not "found any evidence of access to production services."

Three people briefed on the matter said Microsoft had known for days that the source code had been accessed. A Microsoft spokesman said security employees had been working "around the clock" and that "when there is actionable information to share, they have published and shared it."

The SolarWinds hack is among the most ambitious cyber operations ever disclosed, compromising at least half-a-dozen federal agencies and potentially thousands of companies and other institutions. U.S. and private sector investigators have spent the holidays combing through logs to try to understand whether their data has been stolen or modified.

Modifying source code - which Microsoft said the hackers did not do - could have potentially disastrous consequences given the ubiquity of Microsoft products, which include the Office productivity suite and the Windows operating system. But experts said that even just being able to review the code could offer hackers insight that might help them subvert Microsoft products or services.

"The source code is the architectural blueprint of how the software is built," said Andrew Fife of Israel-based Cycode, a source code protection company.

"If you have the blueprint, it's far easier to engineer attacks."

Matt Tait, an independent cybersecurity researcher, agreed that the source code could be used as a roadmap to help hack Microsoft products, but he also cautioned that elements of the company's source code were already widely shared - for example with foreign governments. He said he doubted that Microsoft had made the common mistake of leaving cryptographic keys or passwords in the code.

"It's not going to affect the security of their customers, at least not substantially," Tait said.

Microsoft noted that it allows broad internal access to its code, and former employees agreed that it is more open than other companies.

In its blog post, Microsoft said it had found no evidence of access "to production services or customer data."

"The investigation, which is ongoing, has also found no indications that our systems were used to attack others," it said.

Reuters reported a week ago that Microsoft-authorized resellers were hacked and their access to productivity programs inside targets leveraged in attempts to read email. Microsoft acknowledged some vendor access was misused but has not said how many resellers or customers may have been breached.

There was no response to requests for comment from the FBI, which is investigating the hacking campaign, or from the Department of Homeland Security's Cybsersecurity and Infrastructure Security Agency.

U.S. officials have attributed the SolarWinds hacking campaign to Russia, an allegation the Kremlin denies.

Both Tait and Ronen Slavin, Cycode's chief technology officer, said a key unanswered question was which source code repositories were accessed. Microsoft has a huge range of products, from widely used Windows to lesser known software such as social networking app Yammer and the design app Sway.

Slavin said he was worried by the possibility that the SolarWinds hackers were poring over Microsoft's source code as prelude to a much more ambitious offensive.

"To me the biggest question is, 'Was this recon for the next big operation?'" he said.
Comments

Oh ya 6 year ago
What will be really funnyvis the day you go to use your bitcoin and find its all gone. Poof, no more , chit out of luck, a fool and his money...........

Newsletter

Related Articles

0:00
0:00
Close
Tech Pulse: The Future of AI and Screen Culture
Global News Briefing: Escalating Geopolitical Tensions and Corporate Shakeups
Global News Brief: Escalating Conflicts, Public Health Crises, and World Cup Drama
Rare Early Copy of US Declaration of Independence Found in British Archive
Cornish Language Revival Gains Momentum Through Schools and Community Programs
UK Authorities Face Criticism Over Prisoner Early Release Safeguards
Clacton By-Election Set After Nigel Farage Resigns Seat to Trigger Contest
Government Agencies Review Long-Term Fiscal Risks from Aging Population and Low Productivity
UK Heatwaves Expose Pressure on Public Transport and Housing Infrastructure
UK Government Prepares Welfare Review Amid Debate Over Personal Independence Payment Reform
UK Government Expands Rapid Endometriosis Testing Across NHS Services
Vistry Group Issues Profit Warning as UK Housing Market Faces Continued Pressure
Virgin Media Receives Record Twenty-Eight Million Pound Fine Over Contract Cancellation Failures
Office for Budget Responsibility Warns UK Public Finances Face Long-Term Pressure
UK Watchdog Warns Regional Income Gap Has Barely Narrowed in Three Decades
IMF Raises United Kingdom Growth Forecast as Inflation and Energy Pressures Ease
UK Government Launches Regulatory Reform Bill to Speed Up Commercialization of Innovation
Prince Harry Loses Privacy Lawsuit Against Daily Mail Publisher After High Court Rejects Claims
Federal Financial Framework Shifts as Treasury Launches Universal Savings Program for Minors
Jet2 Reports Strong Summer Travel Demand as Bookings Rise Seven Percent
Prince Harry Loses High Court Privacy Case Against Daily Mail Publisher
British Universities Warn Against Potential European Union Tuition Fee Changes
Heal Fertility Clinic Investigated After Embryo Biopsy Sample Mix-Up
Resolution Foundation Warns Regional Income Divide Has Barely Improved Since 1997
British Markets Remain Cautious as Middle East Tensions Rise and Government Transition Nears
Andy Burnham Poised to Become United Kingdom Prime Minister in Expected Political Transition
Nigel Farage Resigns as Member of Parliament Ahead of By-Election Amid Funding Investigation
Trump Declares Iran Ceasefire Over After Renewed Attacks on United States Bases
French Court Allows Le Pen to Run for Presidency, but with an Electronic Tag: "I Will Appeal, and I Will Run"
$1.4 Trillion: The Lawsuit That Could Crush Meta
Europe's Growing Struggle with Extreme Heat and Air Conditioning
UK Daily Briefing: Legal Developments and Social Issues
Political Turmoil and Rising Costs
Anthropic Reengineers Agentic Architecture to Shift Autonomous Workplace Automation to the Cloud
Logic Flaw in Windows 11 Permission Architecture Silently Consumes Hundreds of Gigabytes of Local Storage
Apple Advances Late-Stage Operating Systems with Fourth Beta Deployments
Global Crisis Alert: Escalating Middle East Tensions and UK Political Upheaval
UK Parliament Pushes for Greater Domestic Control Over Critical Technologies
UK Parliament Warns Trade Fair and Exhibition Industry Is Losing Global Competitiveness
Police Launch Murder Investigation After Mother and Two Children Found Dead Near Bedford
British Chambers of Commerce Survey Shows Business Confidence Falls to Post-Pandemic Low
UK Parliament Report Warns Britain Risks Falling Behind in Artificial Intelligence Sovereignty
Office for Budget Responsibility Warns United Kingdom Faces Long-Term Fiscal Pressures
Nigel Farage Resigns as Member of Parliament Amid Financial Scrutiny and Triggers By-Election
Deep Purple Has Released Its Best Album in Decades
UK MPs Criticise Student Loan System as Potentially Mis-Sold to Millions of Borrowers
Policy Groups Propose Bank of England-Backed Solar Loan Scheme for Millions of Homes
UK Health Agency Issues Amber Heat Alerts Across Six Regions as Temperatures Rise
Royal Air Force F-35 Jets Conduct First High North Air Policing Missions From Aircraft Carrier
Major UK Companies Join Government Cybersecurity Pledge Amid Rising Digital Threats
×