Microsoft accidentally granted global admin privileges to a random legacy test account.

arstechnica.com/security/2024/01/in-major-gaffe-hacked-microsoft-test-account-was-assigned-admin-privileges/

Which then got hacked by Russia.

Granting the hackers read access to every Office 365 account in the world.

From the comments at Ars Technica:

>To summarize the fuckups:

>1. Created test tenant with access to prod data
>2. Created test account with weak password
>3. Made test account accessible from internet
>4. Never enabled 2FA on test account
>5. Gave test account admin role
>6. Did not monitor for slow password sprays (a known technique)
>7. Failed to disable test account at end of testing
>8. Failed to monitor for unused/test accounts in production environment
>9. Did not monitor executives' accounts for surreptitious access
>10. Did not monitor internal test account (that apparently hadn't been accessed in years) for "unusual login activity"

>Did I miss anything? By my count, that's ten fuckups. It's kind of impressive!

Genuinely useful comments at Ars Technica? What is the world coming to?