Kartikay Mehrotra and Alyza Sebenius report that the timing of the attacks exploiting vulnerabilities in Microsoft Exchange right before Microsoft could push patches out has Microsoft considering whether there was some leak that alerted the hackers:
Microsoft is now investigating the possibility of a leak that may have triggered these mass Exchange compromises ahead of its patch release, according to two sources with knowledge of the company’s response to the attack. The sources, who weren’t authorized to speak on the matter, said a leak, if indeed there was one, may have come from one of the company’s security or government partners, or from independent researchers. A leak may have been malicious, or it could have been part of a separate security breach, they said.
A Microsoft spokesperson declined to comment on the investigation.
Read more on Bloomberg.