A House committee has asked Microsoft’s Brad Smith to attend a hearing on security flaws.
A House committee has requested that Microsoft’s top counsel, Brad Smith, attend a hearing this month to discuss breaches of the company’s software that allowed hackers to access emails of US government officials.
Politicians frequently propose that internet businesses bring their leaders to Washington. In recent years, the CEOs of Alphabet, Meta, and TikTok have all given congressional testimony. Microsoft, the world’s most valuable public firm, offers subscriptions to email software, which is widely used in business and government, making it a prime target for hackers.
A hearing before the House Committee on Homeland Security, scheduled for 10 a.m. ET on May 22 in Washington, will examine Microsoft’s response to China’s breach of U.S. government officials’ email accounts, which the company revealed last year. The hack targeted accounts belonging to Commerce Secretary Gina Raimondo, Republican Representative Don Bacon of Nebraska, and US Ambassador Nicholas Burns to China.
However, Smith may not appear at the time specified in the committee’s letter to him on Thursday.
“We’re always committed to providing Congress with information critical to the nation’s security, and we look forward to discussing the specifics of the best time and way to do so,” a Microsoft spokeswoman told CNBC via email on Thursday.
Last month, the Cyber Safety Review Board stated in a 34-page assessment on the attack that “Microsoft’s customers would benefit from its CEO and board of directors directly focusing on the company’s security culture.”
Last week, Microsoft CEO Satya Nadella sent a message directing staff to prioritize security. The corporation announced operational improvements to address the weaknesses outlined by the independent federal board in the study.
Charlie Bell, executive vice president for security, stated that Microsoft would “improve the accuracy, effectiveness, transparency, and velocity of public messaging and customer engagement” after the board voiced worry about the company’s failure to correct an inaccuracy in a corporate blog post for months.
In January, Microsoft disclosed another cyberattack. This time, Russian intelligence had access to several of the company’s top executives’ email accounts.
Committee chairman Mark Green, R-Tenn., and Bennie Thompson, D-Miss., said in a letter inviting Smith to the meeting that they were impressed by the company’s promises to improve its security procedures. However, they said that the company’s failure to prevent attacks endangered Americans.
“Given the gravity of the issues discussed above and the need for thorough examination and oversight, it is critical that you appear before the committee,” Green and Thompson said in their letter.
