This is the best summary I could come up with:
The board said it began considering an investigation after learning of the Microsoft cloud breach, which saw China state-backed hackers break into government email accounts, including the inbox of U.S. Commerce Secretary Gina Raimondo, several officials at the U.S. State Department, and other organizations not yet publicly named.
According to the slow-drip of information about the incident, Microsoft said China-backed hackers stole a sensitive signing key that allowed unauthorized access to enterprise and government email inboxes hosted by the technology giant.
That stolen key, coupled with a flaw that Microsoft has since patched, allowed the forging of authentication tokens that the hackers used to access the target’s email accounts as if they were the rightful owners.
It was only because the State Department used a higher-paid tier account that allowed access to logs that Microsoft keeps, which first revealed the hacks.
In carrying out a post-mortem of the hack, Homeland Security secretary Alejandro Mayorkas said in remarks it was “imperative” to understand the vulnerabilities in cloud technologies that are relied on by U.S. organizations.
The CSRB’s first investigation looked at the fallout from the Log4j vulnerability in 2020, and its second — published this week — examined recent attacks by the Lapsus$ hacking group,
I’m a bot and I’m open source!