[somethingwitty1]

There are two aspects to the comment though: 1. Did they access services/data as part of this? 2. Can/did they use what they got to impact customers/gain access to customer data.

The comment in the article speaks to #1. And of course, we have to take that with a grain of salt. I doubt any company impacted by this would be fully honest if there was a customer breach. Regardless, you also can't prove a negative. So all they can really say is what they did. Which doesn't mean services/data weren't compromised. Given the size of Microsoft, I find it hard to believe that every service running there has the logs/audit trail to know whether they were inappropriately accessed.

But I took the OPs comment to be focused on #2 as well. There is a very real possibility that having access to the source code could help the attackers attack customers. Having access to the source code can help in locating vulnerabilities that allow future attacks against customers/services.

[zinekeller]

Please note: the source code of Windows 10 can be requested if you are a large enterprise or a government already (as long as you agree that you won't release it). The only possible significant difference here is the lag - you can read the source code of the internal builds, whereas you can only access the corresponding source code for stable builds officially. So, if you are a government, you can actually request it for a legitimate purpose and pass it into the other side of that government if you want to.