There have been some serious security breaches of Microsoft"s online services recently, along with attacks on the company"s email accounts for its top executives. A new report claims these hacker attacks have caused some concerns for Microsoft"s US government customers, who pay a lot of money per year for those systems.
According to The Information (via SeekingAlpha), the problems started in July 2023, when a China-based hacker group used an acquired MSA key to forge its own tokens. That resulted in the group accessing Outlook email accounts in the US and Europe, including from government agencies like the US State Departments.
Today"s new report claims, via unnamed sources, that the State Department has moved some of its data to Microsoft"s rivals, including Google and its cloud services, and with Amazon Web Services (AWS). It"s also preparing to choose a company for a seven-year $10 billion contract for cloud, productivity, and security services.
Officially, a spokesperson for the State Department stated that it will continue to use Microsoft apps while also supporting "a diverse cloud ecosystem."
More recently, a Russia-based hacker group got access to the email accounts of some of Microsoft"s top executives. The company later admitted the hackers used the information in those emails to gain access to some of its source code.
Today"s new report claims some of the emails included messages from Microsoft executives to US government officials. The hackers reportedly used that information to try to gain access to government agencies.
The story also says some major Microsoft customers would like to use a different security login system to access the company"s services than Microsoft"s own Entra ID. At the moment, Microsoft does not allow those companies to completely replace Entra ID with a rival system, such as the ones offered by Okta or Cloudflare.