The company said that none of its code was modified, and that its investigation will continue. “This activity has not put at risk the security of our services or any customer data,” Microsoft said, adding that “viewing source code isn’t tied to elevation of risk,” for the company.
Even as Microsoft downplayed the risk associated with this discovery, it’s more evidence of just how far the attack has reached. Because SolarWinds’ network security software is widely used, the group behind the hack was able to potentially access an unprecedented amount of sensitive data from government agencies and major corporations. Government officials have said Russia is responsible, though investigators are still unraveling the full extent of the hack.