Microsoft has been blamed for “cascade of security failures” that enabled Chinese threat actors to access US government officials’ emails in the Summer of 2023, an independent report has concluded. The US Department of Homeland Security (DHS) published the Cyber Safety Review Board’s (CSRB) report into the incident on April 2, 2024, which found that the Microsoft Online Exchange intrusion was preventable and should never have occurred.

Source: Infosecurity Magazine – Information Security & IT Security