Microsoft quietly dealt with a hack of its vulnerabilities and bug reports database back in 2013 without telling anyone. Former employees say Microsoft fixed all bugs and vulnerabilities contained in the hacked database within months so that the flaws would have limited use against its users. Microsoft also investigated breaches at third-party companies in the following period to see if any of the vulnerabilities contained within the breached database were deployed in live attacks. Reuters claims the attack was carried out by a cyber-espionage group known under various names, such as Wild Neutron, Morpho or Jripbot.
Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-suffered-breach-of-its-vulnerabilities-database-back-in-2013/