Microsoft's recent security breaches have caused concerns for many different groups, including the US government. This week, the US House Committee on Homeland Security requested that Microsoft President Brad Smith attend a hearing in Washington DC to answer its questions about those breaches.
CNBC reports that the proposed hearing will be held on May 22. It will center on a breach of Microsoft's Outlook email system by a group of China-based hackers in the summer of 2023. Microsoft later said the group, known as Storm-0558, managed to "forge authentication tokens for Azure AD enterprise and MSA consumer to access OWA and Outlook.com."
Some of the Outlook accounts that were hit by Storm-0558 included ones that were used by US Commerce Secretary Gina Raimondo, US Representative Don Bacon (R-Nebraska), and Nicholas Burns, who is the US ambassador to China.
Last week, the company stated that it will make "security our top priority at Microsoft, above all else—over all other features." This week's letter to Smith by the House Committee on Homeland Security said they were "encouraged" by Microsoft's pledge to improve their security systems,
Having said that, the committee still wants Smith to answer its questions, stating:
Given the gravity of the issues discussed above and the need for thorough examination and oversight, it is critical that you appear before the committee.
The big question: Will Brad Smith make an appearance before that committee on May 22? CNBC asked Microsoft that question and received a response from a spokesperson:
We’re always committed to providing Congress with information that is important to the nation’s security, and we look forward to discussing the specifics of the best time and way to do this.
In addition to the Chinese group breaking into Outlook accounts, Microsoft also admitted that a Russia-based group managed to access the email accounts of some of Microsoft's top executives in early 2024. That same group used information from that breach to access some of Microsoft's source code.
5 Comments - Add comment