Microsoft Corp. did not disclose the full extent of a database breach in 2013 to users or the public, five former employees reportedly told Reuters.
In 2013, the company released a statement to confirm a "security intrusion" similar to the ones reported by Facebook Inc. and Apple Inc. The software giant also said that a small number of computers were infected by malicious software using techniques but it did not find any evidence of customer data being affected.
The former staffers, however, said the hacking group actually broke into Microsoft's internal database for tracking bugs in its software and could have used that information for further break-ins or helped other entities exploit vulnerabilities, according to the Oct. 17 report by Reuters.
Also, the former employees said the report released by Microsoft was inconclusive, while one said Microsoft did discover that bugs had been stolen.
The company, however, fixed the flaws within months of the intrusion and also improved the security for the database.