colinneagle writes "Once upon a time, Microsoft claimed that falling prey to social engineering tactics and then being hacked was a "rookie mistake." But now is the time for companies to jump on the bandwagon, to admit they were targeted by cyberattacks and successfully infiltrated. The stage is so crowded with 'giants' at this point, that there are fewer 'bad press' repercussions than if only one major company had admitted to being breached. Microsoft now admitted, hey we were hacked too.
"As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion," wrote Matt Thomlinson, General Manager of Microsoft's Trustworthy Computing Security. Unlike the New York Times and the Wall Street Journal there was no mention of Chinese hackers. Is there a moral to these sad tales? Perhaps only that anyone can become a victim.
However, back in 2011, John Howie, Microsoft's senior director in the Online Services Security & Compliance (OSSC) team, basically claimed that unlike RSA or Sony, Microsoft sites are unhackable and can't be DDoSed. In regards to the breach at RSA, Howie told Computing News, "RSA got hacked because someone got socially engineered and opened a dodgy email attachment. A rookie mistake." Furthermore "Sony was coded badly and failed to patch its servers. These are rookie mistakes." Howie added, "At Microsoft we have robust mechanisms to ensure we don't have unpatched servers. We have training for staff so they know how to be secure and be wise to social engineering.""
Link to Original Source