By Robert McMillan 

The Russia-linked hackers behind a widespread cyber-intrusion into U.S. corporate and government systems were able to access internal systems within Microsoft Corp. and view internal source code, used to build software products, the company said Thursday.

Microsoft had previously confirmed that it had downloaded malicious software from a vendor called SolarWinds Corp. that had been modified by the hackers. Thursday's disclosure is the first indication that the hackers were able to access internal systems at Microsoft.

"We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories," Microsoft said in a statement.

This compromised account was able to view Microsoft's source code, but not make changes, the company said.

A Microsoft spokesman declined to say what products or internal systems were affected by the intrusion.

The company has "found no evidence of access to production services or customer data," and "no indications that our systems were used to attack others," the company said.

The SolarWinds attack dates back to at least October of 2019 and has prompted a flurry of cyber investigations within government and private industry. Through a backdoor the attackers installed in SolarWinds's Orion networking software, the hackers found their way into systems belonging to the Department of Homeland Security, the State Department, the Treasury and Commerce departments and others,

U.S. government and cybersecurity officials have linked the attack to Russia. The Kremlin has denied involvement in the hacks.

A Wall Street Journal analysis of internet records identified infected computers at two dozen organizations that installed the tainted network monitoring software from SolarWinds. Among them: technology giant Cisco Systems Inc., chip makers Intel Corp. and Nvidia Corp., and accounting firm Deloitte LLP.

Write to Robert McMillan at Robert.Mcmillan@wsj.com

 

(END) Dow Jones Newswires

December 31, 2020 13:14 ET (18:14 GMT)

Copyright (c) 2020 Dow Jones & Company, Inc.