Microsoft has confirmed that its own corporate network has been hijacked and used to launch distributed denial of service attacks.
According to the Register, two IP addresses belonging to Microsoft were used to redirect traffic to websites belonging to a fraudulent online pharmacist and were detected as the source of a denial of service attack on the security website KrebsOnSecurity.
“We have completed our investigation and found that two misconfigured network hardware devices in a testing lab were compromised due to human error,” read Microsoft’s statement on the matter.
“Those devices have been removed and we can confirm that no customer data was compromised and no production systems were affected. We are taking steps to better ensure that testing lab hardware devices that are internet accessible are configured with proper security controls.”