Office 365 appears to have played a role in the large-scale attack campaign against users of SolarWinds Orion platform.
In the attack on Orion, attackers managed to incorporate a trojan into the official version of the Orion software. This malware gave them access to a large number of public and private organizations.
SolarWinds reported earlier this week that some 18,000 customers had installed a vulnerable version of Orion.
Reuters reports, based on an anonymous source, that the attackers behind the large-scale attack campaign against users of SolarWinds Orion platform had access to the Microsoft Office 365 accounts of two victims.
Attackers were able to read email traffic for months through Office 365 of the National Telecommunications and Information Administration, part of the US Department of Commerce.
This was reportedly possible by fooling the authentication of the platform.