The Department of Homeland Security has issued a critical report on Microsoft for security weaknesses that led to Chinese cyber attacks on U.S. officials' email accounts.

An extensive review by the Cybersecurity Review Board highlighted Microsoft's inadequate corporate security culture and practices as contributing factors to the breach.

Over 500 individuals and 22 organizations, including top government officials, were affected by the Microsoft Exchange Online security incident.

The report urges Microsoft to publicly outline a comprehensive security reform plan with specific timelines for implementation.

Microsoft's public statements about the breach were deemed inaccurate by the review board.

The U.S. government identifies China as the primary cyber espionage threat, with recent indictments against Chinese nationals for long-term hacking efforts.

The report calls for the U.S. government to demand substantial security improvements from Microsoft and for Microsoft to prioritize restoring robust security measures.