Seriously Risky Business Newsletter
August 03, 2023
On Microsoft, Wyden's Bark May Have Some Bite
Presented by

Policy & Intelligence
Microsoft's lacklustre cloud product security is finally biting it on its ass. In a strongly worded open letter to key US government agency heads, Senator Ron Wyden, a member of the Senate's Intelligence Committee, asked them to investigate what he called "negligent cybersecurity practices" by Microsoft that enabled a recent hack of the company's cloud services by a hostile actor, likely from the PRC.
Wyden's letter requests action on the issue from several different US government agencies, including the Federal Trade Commission (FTC), the Department of Justice and the Cybersecurity and Infrastructure Security Agency (CISA).
He asked the FTC to investigate whether Microsoft's security practices violated a prior consent decree and its regulations, and the Department of Justice to explore whether Microsoft had violated federal contracting laws through negligent security practices.