The company said none of its code has been changed and that its investigation will continue. “This activity has not endangered the security of our services or customer data,” Microsoft said, adding that “viewing the source code is not related to elevated risk” for the business.
Even though Microsoft downplayed the risk associated with this discovery, it further shows how far the attack has reached. With SolarWinds’ network security software being widely used, the group behind the hack has potentially gained access to an unprecedented amount of sensitive data since government agencies and large companies. Government officials have said that Russia is responsible, although investigators are still discovering the full extent of the hack.