Microsoft burns Twitter, Facebook & Apple as it admits it was hacked

Microsoft has gone through something of an image change over the past year – taking a leaf from Apple’s book of designs the company has issued a new, more modern, logo; a new friendly looking UI; and a rake of designed-for-the-user devices.

But in its heart it’s still the same nerdy company that it has ever been – and if you want evidence of that then just look at the major burn it issued to Apple, Facebook, and Twitter late on Friday.

If you’ve been keeping up to date with events in the field, at the end of January a sophisticated series of hacks was launched against some of the world’s largest technology and media companies.

The Wall Street Journal, The New York Times, Apple, Facebook, and Twitter were all victims by their own admissions (there are likely more). The latter three technology companies each blamed, or inferred, that a Java exploit originating from mobile developers’ website was to blame.

Twitter was the first to raise the alarm by issuing a warning on its corporate blog saying that it had been hacked.  Twitter said only user names and some encrypted passwords were taken but, worryingly, warned that other companies were probably also hit in the same zero-day Java hack.

Sure enough a week later Facebook stepped up to say that it was also caught in the same (or at least a very similar) hack but it allayed fears by saying that no data was taken.

Facebook was soon followed by Apple, which, through the AFP news agency, said that it was hit too.  Apple said in a brief statement to the agency that it had “no evidence” that any user data was taken.

This type of cyberattack is no surprise to Microsoft

And this brings us back to Microsoft. On Friday the company’s security blog revealed in the usual matter-of-fact way that “Microsoft can confirm that we also recently experienced a similar security intrusion.” Which is neither a surprise nor a shock, but, whether intentionally or not, the company couldn’t help but burn the competition while announcing it was also a victim.

“This type of cyberattack is no surprise to Microsoft,” the company scathed, “[or] other companies that must grapple with determined and persistent adversaries.” Microsoft then went on to describe how a small number of its computers (oh, as well as some of the company’s collection of Apple Macs) were infected.

Ouch, burn on Twitter and Apple.

“During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations.”

At the end of January Apple released a security patch that disabled some features of Java, in order to limit the impact of the hack.

Microsoft then went on to say that “Consistent with our security response practices, we chose not to make a statement during the initial information gathering process,” seemingly another dig at Twitter, who were the first to blow the whistle and suggest that other companies were infected.

And all of this was a round about way for Microsoft to say that even though it was also a victim it had no evidence of “customer data being affected.”