Sen. Ron Wyden (D-OR) speaks during a news conference after the first Democratic luncheon meeting since COVID-19 restrictions went into effect on Capitol Hill in Washington, April 13, 2021.
Erin Scott | Reuters
Senator Ron Wyden, D-Ore., the chair of the powerful Senate Finance Committee, demanded on Thursday that the Justice Department and two civil regulators open separate probes into Microsoft’s “negligent cybersecurity practices” that led to a high-level, targeted hack targeting the highest echelons of President Joe Biden’s cabinet.
Chinese hackers accessed the Microsoft-powered email accounts of top China envoys, Commerce Secretary Gina Raimondo, and Secretary of State Antony Blinken. The intrusion, from May to June, occurred just ahead of a critical Sino-U.S. meeting.
Senator Wyden sent the letter to attorney general Merrick Garland, Federal Trade Commission chair Lina Khan, and Cybersecurity and Infrastructure Security Agency director Jen Easterly on Thursday.
Microsoft shares fell about 1% in Thursday morning trading.
“Government emails were stolen because Microsoft committed another error. Although the stolen encryption key was for consumer accounts, ‘a validation error in Microsoft code’ allowed the hackers to also create fake tokens for Microsoft-hosted accounts for government agencies and other organizations, and thereby access those accounts,” Wyden wrote.
Wyden asked that the Justice Department examine whether Microsoft had violated federal law through its negligence; that CISA examine whether Microsoft violated best practices for securing the highly sensitive “skeleton key;” and that the Federal Trade Commission examine whether Microsoft violated federal privacy statutes.
Wyden’s directive to the FTC focused on privacy concerns, but the agency could also examine whether Microsoft’s dominance in the cloud computing market led to heightened risk through anti-competitive behavior. That allegation has been raised by rivals and cybersecurity operators, including Google.
“While Microsoft’s engineers should never have deployed systems that violated such basic cybersecurity principles, these obvious flaws should have been caught by Microsoft’s internal and external security audits,” Wyden said.
A spokesperson for the FTC confirmed the agency had received the letter but declined to comment further. CISA and Microsoft did not immediately respond to requests for comment.
Cybersecurity experts have expressed mounting concern over the intrusion, which impacted at least a dozen government organizations worldwide. Both the State Department and the Commerce Department were targeted by Chinese hackers.
The State Department’s cyber team informed Microsoft of the attack, and was only able to do so because it had engineered more granular reporting and logging. After the hack, Microsoft said it would stop charging for the sophisticated logging and offer it for free.
Wyden noted it wasn’t the first time that a foreign government had hacked government agencies by exploiting Microsoft vulnerabilities.
“The Russian hackers behind the 2020 SolarWinds hacking campaign used a similar technique,” Wyden noted. “Moreover, while Microsoft had known since 2017 that such keys could be quietly exfiltrated from customer servers running its software, it failed to warn its customers, including government agencies, about this risk.”
Both Microsoft and federal officials have disclosed relatively little about the hack, though Microsoft has disseminated additional information and made concessions to customers to mitigate the impact of the exploitation.
A file photo of Hiroki Totoki, Sony Group Corporation executive, delivering a keynote address at CES 2025 in Las Vegas, on January 6, 2025.
Artur Widak | Nurphoto | Getty Images
Sony Group shares rose about 2% Wednesday in volatile trading after the Japanese conglomerate announced a 250 billion yen ($1.7 billion) share buyback and operating income beat estimates.
Operating income for the last three months of the financial year came in at 203.6 billion yen, beating mean analyst estimates of 192.2 billion yen, though it was down 11% from the same period last year.
In the earnings report, the Japanese-based electronics, entertainment and finance company announced a stock buyback of shares worth 250 billion yen.
Sony also provided details on a partial spinoff of its financial unit. The company plans to distribute slightly more than 80% of the shares of common stock of the spinoff to shareholders of Sony Group through dividends.
The financial unit will list its financial operation this year and will be classified as a discontinued operation in Sony’s accounting from the current quarter, the company added.
However, Sony’s outlook for the current financial year ending in March was lackluster.
The company forecasted its operating profit to rise a slight 0.3% to 1.28 trillion yen, after flagging a 100 billion yen hit from U.S. President Donald Trump’s trade war.
Yet, Sony clarified that the estimated tariff impact did not reflect the trade deal made between the U.S. and China on May 12 and that the actual impact could vary significantly.
A Samsung Group flag flutters in front of the company’s Seocho building in Seoul.
Sopa Images | Lightrocket | Getty Images
Samsung Electronics on Wednesday announced that it would acquire all shares of German-based FläktGroup, a leading heating and cooling solutions provider, for 1.5 billion euros ($1.68 billion) from European investment firm Triton.
Samsung said the acquisition would help it expand in the heating, ventilation and air conditioning business as the market experiences rapid growth.
“Our commitment is to continue investing in and developing the high-growth HVAC business as a key future growth engine,” said TM Roh, Acting Head of the Device eXperience (DX) Division at Samsung Electronics.
The acquisition of FläktGroup stands to bolster Samsung’s position in the HVAC market against rivals such as LG Electronics.
FläktGroup supplies heating, HVAC solutions to a wide range of buildings and facilities, notably data centers which require a high degree of stable cooling. Samsung said it anticipates sustained growth in data center demand due to the proliferation of generative AI, robotics, autonomous driving and other technologies.
FläktGroup has more 60 major customers, including leading pharmaceutical companies, biotech and food and beverage firms, and gigafactories, according to Samsung’s statement.
Samsung said in March that its HVAC solutions had achieved double-digit annual revenue growth over the past five years, and that the company aimed to boost revenue by more than 30% in 2025.
