On March 30, the US Cyber Safety Review Board (CSRB) released its review of the July 2023 Microsoft Exchange Online intrusion by the Chinese state group Storm-0558, blasting Microsoft for its shoddy security practices and saying the incident “was preventable and should never have occurred.”
The threat actor had compromised the Microsoft Exchange Online mailboxes of 22 organizations, including the US federal government, and over 500 individuals worldwide using authentication tokens signed by a key Microsoft had created in 2016.
