{"schema_version":"secwatch.filing_event.v1","accession":"0001193125-24-062997","form_type":"8-K/A","ticker":"MSFT","cik":"0000789019","company_name":"MICROSOFT CORP","filed_at":"2024-03-08T23:59:59+00:00","discovered_at":"2026-05-14T18:03:26.925677+00:00","generated_at":"2026-06-05T00:56:26.394437+00:00","sec_items":["1.05","7.01","9.01"],"event_type":"cyber","sentiment":"negative","materiality_score":0.75,"calibrated_materiality_score":0.75,"confidence":"high","headline":"Midnight Blizzard now accessing Microsoft source code; password sprays up 10x in Feb","bullets":["Threat actor gained unauthorized access to some of Microsoft's source code repositories and internal systems.","Password spray attacks increased 10-fold in February 2024 versus the already elevated January 2024 levels.","No evidence of compromise to Microsoft-hosted customer-facing systems.","Microsoft is notifying customers whose secrets were found in exfiltrated emails and assisting with mitigation.","Incident has not yet had a material impact on operations; investigations ongoing."],"urls":{"canonical":"https://secwatch.observer/filing/0001193125-24-062997","json":"https://secwatch.observer/filing/0001193125-24-062997.json","markdown":"https://secwatch.observer/filing/0001193125-24-062997.md","text":"https://secwatch.observer/filing/0001193125-24-062997.txt","edgar_index":"https://www.sec.gov/Archives/edgar/data/789019/000119312524062997/0001193125-24-062997-index.htm","edgar_primary_document":"https://www.sec.gov/Archives/edgar/data/789019/000119312524062997/d808756d8ka.htm"},"model":{"generated_by":"deepseek-v4-flash:cloud@v2","generated_at":"2026-06-05T00:56:26.394437+00:00"},"review":{"review_status":"machine_generated","human_reviewed":false,"corrected":false,"correction_note":null,"correction_timestamp":null,"superseded_by":null,"related_filings":[]},"source_grounded_claims":[{"claim_id":"df5d01ec928fd73c62c43ba60829a05a13ebf489","claim":"MICROSOFT CORP disclosed a cybersecurity incident: a nation-state threat actor gained access to and exfiltrated information from a very small percentage of employee email accounts, including senior leadership and cybersecurity, legal, and other functions, and has used or attempted to use that information to gain unauthorized access to source code re. Impact: the incident has not had a material impact on the Company’s operations, but the Company has not yet determined that it is reasonably likely to materially impact financial condition or results of operations. Materiality is still being assessed.","evidence_excerpt":"As of the date of this filing, the incident has not had a material impact on the Company’s operations. The Company has not yet determined that the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.","evidence_source":"SEC 8-K Item 1.05","evidence_url":"https://www.sec.gov/Archives/edgar/data/789019/000119312524062997/0001193125-24-062997-index.htm","confidence":0.9,"family_label":"Cybersecurity Incidents","details":[{"label":"Nature","value":"a nation-state threat actor gained access to and exfiltrated information from a very small percentage of employee email accounts, including senior leadership and cybersecurity, legal, and other functions, and has used or attempted to use that information to gain unauthorized access to source code re"},{"label":"Impact","value":"the incident has not had a material impact on the Company’s operations, but the Company has not yet determined that it is reasonably likely to materially impact financial condition or results of operations"},{"label":"Materiality","value":"assessing"}],"fact_type":"cyber_incident"}],"license":"Source filings: public domain (SEC EDGAR). Summaries (headline + bullets): CC-BY-4.0; attribute https://secwatch.observer"}