Microsoft kept the incident secret and it's only the second known breach of such a corporate database. The flaws that were the subject of the attack were reportedly fixed within months of the hack. Full details can be read at Reuters.
The Microsoft flaws were fixed likely within months of the hack, according to the former employees. Yet speaking out for the first time, these former employees as well as U.S. officials informed of the breach by Reuters said it alarmed them because the hackers could have used the data at the time to mount attacks elsewhere, spreading their reach into government and corporate networks.Microsoft refuses to discuss the incident.
“Bad guys with inside access to that information would literally have a ‘skeleton key’ for hundreds of millions of computers around the world,” said Eric Rosenbach, who was U.S. deputy assistant secretary of defense for cyber at the time.