‘Chinese engineers’ …, the ‘important angle’ Microsoft reportedly missed while revealing SharePoint hack

Microsoft announced last month that Chinese state-sponsored hackers exploited vulnerabilities in its SharePoint collaboration software to breach hundreds of companies and government agencies, including the National Nuclear Security Administration and Department of Homeland Security. However, the tech giant omitted a crucial detail: China-based engineers have been maintaining the very software that was compromised, as reported by ProPublica.

According to screenshots viewed by ProPublica, Microsoft’s internal work-tracking system showed China-based employees recently fixing bugs for SharePoint “OnPrem” — the exact version targeted in the cyberattacks.