Multiple Microsoft failings led to Chinese hackers stealing cryptographic key

The compromise of a Microsoft engineer’s account was just one of several factors that allowed threat group Storm-0558 to steal a cryptographic signing key and access U.S. government accounts.

Article Link: Multiple Microsoft failings enabled email hacks by Chinese APT group | SC Media