TLDRs;
- Senator Wyden urges FTC to investigate Microsoft over recent cybersecurity incidents risking national security.
- May 2024 Ascension ransomware attack exposed data of 5.6 million people, highlighting systemic vulnerabilities.
- Microsoft criticized for outdated encryption and default security settings, potentially enabling attacks.
- Experts warn Microsoft’s market dominance magnifies national security threats from recurring breaches.
US Senator Ron Wyden has formally called on the Federal Trade Commission to investigate Microsoft’s cybersecurity practices following a series of high-profile security incidents.
In a letter sent this week, Wyden cited multiple ransomware attacks and security breaches affecting critical US infrastructure, including hospitals and government agencies.
He argued that Microsoft’s policies and system configurations contributed directly to these security failures, posing broader national security risks.
Ransomware Exposes Millions of Records
A key example Wyden highlighted is the May 2024 ransomware attack on Ascension, one of the nation’s largest hospital networks.
The breach compromised personal data of approximately 5.6 million individuals. According to Wyden, the attack originated when a contractor clicked a malicious link via Microsoft’s Bing search engine, allowing hackers to access Ascension’s network and its Active Directory server.
The senator specifically criticized Microsoft’s continued support for outdated encryption protocols and default system settings, claiming these vulnerabilities facilitated the breach.
Microsoft has responded by noting that the legacy encryption standard RC4 represents less than 0.1% of its traffic and is scheduled to be disabled by default in select Windows products by early 2026.
Recurring Breaches Highlight Systemic Risks
Wyden’s concerns are reinforced by Microsoft’s history of cybersecurity incidents. Between 2021 and 2025, over 1,200 vulnerabilities were reported in Microsoft products, with a record 1,360 vulnerabilities identified in 2024 alone. Notable previous breaches include the 2021 Exchange Server attack, which affected more than 250,000 organizations, and the 2020 exposure of 250 million customer records due to misconfigured servers.
Recent incidents further underscore ongoing risks. Russian hackers compromised executive email accounts in January 2024 via password spraying attacks, while Chinese hackers exfiltrated 60,000 emails from the US State Department in September 2023.
Experts note that Microsoft’s vast scale and complex product ecosystem may make traditional cybersecurity measures increasingly difficult to implement effectively, leaving persistent gaps in protection.
Market Dominance Intensifies National Security Concerns
Microsoft’s position as the leading enterprise technology provider amplifies the stakes. Wyden described the company’s “near-monopoly over enterprise IT,” noting that many government agencies and private-sector companies have little choice but to rely on Microsoft products despite security concerns.
The company’s dominance extends into cloud AI, with 45% of new implementations, far ahead of competitors such as AWS and Google, and strategic partnerships with OpenAI enhancing its influence.
Analysts warn that this concentration means that a single security lapse can have cascading effects on national security. For example, the Storm-0558 breach compromised authentication keys affecting numerous government organizations because Microsoft had failed to rotate them since 2016.
FTC Response and Future Oversight
The Federal Trade Commission confirmed receipt of Wyden’s letter but declined to comment on the matter. The senator’s call for investigation could trigger enhanced scrutiny over Microsoft’s cybersecurity protocols, policies, and default settings, potentially influencing future regulatory standards for enterprise technology providers.
As cybersecurity threats continue to evolve, Wyden’s move signals growing legislative pressure on major tech companies to ensure that their platforms remain secure, particularly when they underpin critical infrastructure and government operations.
