Microsoft revealed on Friday that Russian state-backed hackers, known as Nobelium or Midnight Blizzard, breached its internal systems and gained access to core software repositories.
This incident comes as a continuation of a cyberattack initially disclosed in January, shedding light on the extent of the intrusion into Microsoft's infrastructure.
According to Microsoft, the hackers utilized information stolen from the company's corporate email systems to infiltrate source code repositories and internal systems. Access to source code is highly sought after as it holds the fundamental components of software enabling hackers to conduct follow-up attacks on other systems.
While the exact scope of the breach remains unclear, experts suggest that the hacking group, attributed to Russia's foreign intelligence service, has a history of expansive intelligence-gathering campaigns in support of Kremlin objectives.
This latest incident follows previous high-profile cyberattacks, including the notorious breach of several US agency email systems in 2020 using software from a US contractor, SolarWinds.
Microsoft reassured that no evidence has been found of compromise to its customer-facing systems hosted by the company. Despite that, the cyber assault highlights the ongoing threat of state-sponsored hacking groups for tech firms.