Microsoft Blamed for Major Hack in Scathing Cyber Safety Review, Asked to Reform Security Priorities

The Cyber Safety Review Board blamed Microsoft for a hack by a Chinese group that targeted US officials' emails, citing "a cascade of avoidable errors" by the company.

The report said Microsoft failed to prioritize security and risk management in its "corporate culture."

Microsoft gave inaccurate public statements for months about the cause of the breach.

The report asked Microsoft to develop a reform plan and timeline across its products.

This comes after several other breaches of Microsoft products in recent years, including by Russian and Chinese hackers.