Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online

A review of the June 2023 attack on Microsoft's Exchange Online hosted email service - which saw accounts used by senior US officials compromised by a China-linked group called "Storm-0558" - has found that the incident would have been preventable save for Microsoft's lax infosec culture and sub-par cloud security precautions....