Hackers reportedly broke into Microsoft's bug tracking database in 2013
Microsoft suffered a breach of its internal database for tracking bugs in 2013, according to a new report.
According to Reuters, a "highly sophisticated hacking group" caused alarm at Microsoft after it managed to break into the highly sensitive database. At the time, Microsoft has not disclosed the attack, but Reuters reports that five former employees have confirmed the breach occurred.
As reported by Reuters, Microsoft first caught wind of the breach in 2013 after a series of breaches were discovered at Apple, Twitter, Facebook, and other tech companies. The group behind the attack, referred to as Morpho, Butterfly, or Wild Neutron, managed to break into Mac computers used by employees, leveraging them to move on to Microsoft's company networks. In a February 22, 2013, statement, Microsoft confirmed the attack but did not mention that its bug database had been breached.
According to the employees interviewed by Reuters, the flaws likely were fixed "within months of the hack." Though, as Reuters reports, the database was protected with "little more than a password" before the breach, Microsoft bolstered later bolstered security by "walling the database off from the corporate network and requiring two authentications for access."
Still, the hack was cause for much concern because bugs found in the database could have been potentially used in attacks elsewhere before they were patched. According to the report, Microsoft was not able to determine whether the breach had an impact when cross-referencing hacking attacks with bugs in the database at the time of the hack.
The possibility could not be ruled out, however, as Microsoft relied on automated reports from crashes to track attacks, according to Reuters. That's potentially problematic because it doesn't account for attacks that don't result in crashes, and machines containing highly sensitive information may not allow automatic reporting.
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl.