US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’ Microsoft is accused of “negligent cybersecurity practices” that enabled a successful Chinese hack of the United States government.

In a strongly worded letter to Attorney General Merrick Garland and the heads of CISA and the FTC, Wyden said the software giant “bears significant responsibility” for the M365 cloud hack that started with the theft of a Microsoft encryption key.

“Since the hackers stole an MSA encryption key, the hackers could create fake authentication tokens to impersonate users and gain access to Microsoft-hosted consumer accounts, even if a user’s account was protected with multi-factor authentication and a strong password,” …

attorney attorney general chinese cisa cloud cybersecurity cybersecurity practices ftc general giant government hack letter m365 merrick garland microsoft negligence practices responsibility senator software states united united states wyden