A series of tweets from various sources reported on a federal review board's findings regarding a Chinese espionage campaign targeting Microsoft last summer. The board concluded that the attack, which involved the theft of a Microsoft signing key used to spy on senior U.S. officials, was a 'preventable failure' resulting from Microsoft's failure to prioritize security adequately. The Cyber Safety Review Board criticized Microsoft's security culture as 'inadequate,' called for internal accountability, and stated that an overhaul of Microsoft's security culture is required. The attack led to the compromise of Exchange Online and affected over 22 sensitive organizations. Despite the incident, Microsoft has yet to determine how the attackers, identified as Storm-0558, gained access to the signing keys.