To get an idea of what happened when, this happened months before the Snowden leaks were published:
"“As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion,” the company said on Feb. 22, 2013."
Kaspersky identified the attacker group for the first time in 2011, two years before:
"According to eWEEK, the Wild Neutron group was first identified and named by Kaspersky Lab in 2011, and it went after high-profile corporate IP in 2013."
The group is very careful in using the obtained information:
"Vikram Thakur, senior manager at Symantec, believed that the Butterfly attacks are financially and not politically motivated, noting to CSO Online that the attackers are extremely careful with the information they obtain. So far, there’s no evidence of any high-profile IP for sale on the Dark Web, and while the data could be used for insider trading, there has been no odd stock market movement after the thefts occur. Vice president of security firm Fasoo, Ron Arden, said it’s possible that the group also employs insiders who are willing to deliberately compromise their accounts and give malicious actors access to five-year plans or financial statements."
"“As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion,” the company said on Feb. 22, 2013."
Kaspersky identified the attacker group for the first time in 2011, two years before:
https://securityintelligence.com/news/butterfly-effect-chaos...
"According to eWEEK, the Wild Neutron group was first identified and named by Kaspersky Lab in 2011, and it went after high-profile corporate IP in 2013."
The group is very careful in using the obtained information:
"Vikram Thakur, senior manager at Symantec, believed that the Butterfly attacks are financially and not politically motivated, noting to CSO Online that the attackers are extremely careful with the information they obtain. So far, there’s no evidence of any high-profile IP for sale on the Dark Web, and while the data could be used for insider trading, there has been no odd stock market movement after the thefts occur. Vice president of security firm Fasoo, Ron Arden, said it’s possible that the group also employs insiders who are willing to deliberately compromise their accounts and give malicious actors access to five-year plans or financial statements."