It makes the news when an entity like Microsoft gets cracked, but when their users get robbed or otherwise hurt as a consequence it will hardly make the news. You not knowing of the consequences doesn't mean they don't exist.
GP is clearly saying "this is important because small people will get hurt invisibly" and your hot take is that them being exploited isn't going to impact Microsoft's bottom line, so this isn't newsworthy?
Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself. We are in the process of notifying employees whose email was accessed.
It says nothing about users being compromised.
This is why they won’t do anything about it though ? Do you understand how it works ?
They’re not going to do anything about the consequences for the users until it impacts their profits.
Name one person who is done with Microsoft after this?
I think the confusion lies between the terms "consequences" and "consequences for Microsoft". There won't be consequences _for Microsoft_ but there will be consequences for regular people. Saying there won't be consequences full stop implies you don't consider the damage to regular people as worthy of discussion or consideration
