The US Department of Homeland Security has announced an investigation into the theft of government emails from Microsoft Exchange Online. Last month, it was revealed that attackers had gained access to emails from government entities and end-users using Exchange Online and Outlook.com for a month-long period. This unauthorized access was made possible through the use of a key stolen from Microsoft, potentially compromising hundreds of thousands of messages.
Recently, US Senator Ron Wyden expressed concern over Microsoft’s security practices and called for an investigation. Wyden stated, “Even with the limited details that have been disclosed, Microsoft bears significant responsibility for this recent incident. Firstly, Microsoft should not have had a master key that, if inevitably stolen, could provide access to customers’ private communications. Additionally, questions arise about whether Microsoft stored the key in a Hardware Security Module (HSM), as it consistently recommends.” Wyden conveyed these thoughts in a letter to the US Department of Justice and the Federal Trade Commission (FTC).
The Cyber Safety Review Board (CSRB) under the Department of Homeland Security will conduct an inquiry into the intrusion and data theft. Following the breach's disclosure, the government agency swiftly evaluated its significance as a potential subject for further investigation. In addition to examining the email theft from Microsoft, the investigation will encompass a broader assessment of the security of cloud services.