Microsoft slammed for negligent cybersecurity following Chinese hack

In his letter, Senator Wyden likens the attack to the 2020 SolarWinds campaign by a Russian threat actor, during which US government emails were also hacked.

Microsoft may face yet another investigation - or three

Microsoft is already under severe scrutiny in the EU, and has been for years, owing to a number of antitrust and anticompetitive cases. Most recently, the company has come under fire for its unfair cloud practices concerning its Azure platform.

This time, it’s a trio of US agencies that are being asked to launch their own, individual probes into Microsoft.

More specifically, Wyden asked the Cybersecurity and Infrastructure Security Agency (CISA) to investigate whether the company had violated best practices recommended by none other than itself and the National Security Agency (NSA), the Department of Justice whether “Microsoft’s negligent practices violated federal law,” and the Federal Trade Commission (FTC) whether Microsoft “violated federal laws enforced by the [FTC],” particularly around deceptive business practices.

Concluding the letter, Senator Wyden writes: “I also urge you to take all necessary steps to hold the company responsible for any violations of that order."

A company spokesperson told CNBC:

“This incident demonstrates the evolving challenges of cybersecurity in the face of sophisticated attacks. We continue to work directly with government agencies on this issue, and maintain our commitment to continue sharing information at Microsoft Threat Intelligence blog.”

The company did not immediately respond to our request for commentary on the potential threat of three separate probes.

• Check out the best endpoint protection and best firewalls for a handy cybersecurity boost