Skip to navigationSkip to content

Hackers stole information on Windows vulnerabilities from Microsoft in 2013

Microsodt is being sued by employees who claim they have PTSD after scanning child pornography
Reuters/Jacky Naegelen
Microsoft did not disclose the nature of the breach at the time.
  • Keith Collins
By Keith Collins

Tech Reporter

Published Last updated This article is more than 2 years old.

Major software companies like Microsoft always have a long list of bugs to fix. They can range from benign cosmetic issues to critical flaws that make software like Windows vulnerable to hacking. Usually, engineers fix such flaws before hackers ever know they existed.

In 2013, according to a new report from Reuters, hackers broke into Microsoft’s network and stole its database of bugs. The report is based on interviews with five unnamed ex-Microsoft employees, who said the bug database had not been properly secured prior to the hack.

Sophisticated hackers could use such a database to develop exploits for the vulnerabilities it contains, and in turn to hack millions of users before engineers have a chance to release patches. Microsoft determined that the vulnerabilities in the database were not exploited in breaches at other organizations that took place at the time, according to the report, but some of the former employees Reuters spoke with were not so sure.

The theft occurred in early 2013 amid a string of attacks on other big tech companies like Apple and Facebook. Microsoft said in a brief announcement that it “experienced a similar security intrusion,” but did not disclose that its bug database had been breached.

📬 Kick off each morning with coffee and the Daily Brief (BYO coffee).

By providing your email, you agree to the Quartz Privacy Policy.