Microsoft is currently being blasted for its supposed "inadequate" security measures in protecting sensitive data in the US amid the surge of cyberattacks on the tech giant.
The Department of Homeland Security released a report on Tuesday detailing that the state-sponsored espionage campaigns on the company last year was supposed to be "preventable and should never have occurred."
The report called out to Microsoft to "develop and publicly share a plan with specific timelines" in resolving security issues across its services, digital systems, and products.
The investigation, in partnership with the US Cybersecurity and Infrastructure Agency, follows after the July 2023 cyberattack that resulted in 60,000 government emails stolen by China-based hackers.
The breach was reportedly made possible through a compromised Microsoft engineer's corporate account. Several state departments contracted the tech giant for its cloud services, making the impact of the attack much bigger.
The report was published just after another data breach on Microsoft, resulting in several company emails being stolen by bad actors.
Microsoft later revealed that hackers were able to access the company's source code and internal systems, although no related attacks on its customers have been noted.
DHS Warns of More Sophisticated Cyberattacks
Aside from lecturing Microsoft for allowing "avoidable errors" to occur, the department also noted a growing trend of cyberattacks becoming more sophisticated.
Microsoft, in cooperation with OpenAI, earlier reported the increase in nation-backed threat actors using chatbots and AI tools to automate its operations.
Other private-public business partnerships in the US also pointed out in the past how hackers are becoming more open with their attacks amid rising tension with countries the Western nation called "adversaries."
US Gov't Bans Microsoft Copilot Amid Data Breach Concerns
Amid security issues and potential data leaks on its products, the US Congress has barred the use of Microsoft Copilot within state-operated devices.
The AI chatbot joins ChatGPT and TikTok in platforms deemed to have potential risks of leaking important information to "non-House approved cloud services."
In response, Microsoft said it understood the government's tighter regulations on digital platforms accessed by its members amid moves towards higher security requirements.
So far, only Copilot has been barred from Microsoft's products. Its other services reportedly remain available to be used by Congress and other legislative bodies.