> In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised.
It would certainly be nice to know which of things they "gained" access to, versus which of them they "attempted to gain" access to. The fact that this blog post doesn't specify makes me assume the worst case scenario: that the attackers got a decent amount of source code to comb through for more vulnerabilities in the future.
Knew the full extent of the attack and exfiltrated data, yet took no action to re-secure systems that could be exploited using this information. Negligence?
Dunno if HN is the place to call for someone’s death. Besides, Bill isn’t the one making the decisions in the article so what does he have to do with it anyway? He started MS?
It would certainly be nice to know which of things they "gained" access to, versus which of them they "attempted to gain" access to. The fact that this blog post doesn't specify makes me assume the worst case scenario: that the attackers got a decent amount of source code to comb through for more vulnerabilities in the future.