Microsoft cybersecurity
Submitted | March 14, 2024 |
Due | April 11, 2024 |
Est. Completion | None |
MuckRock users can file, duplicate, track, and share public records requests like this one. Learn more.
Communications
From: Aaron Holmes
To Whom It May Concern:
Pursuant to the Freedom of Information Act, I hereby request the following records:
In June of 2023, State Department officials discovered that hackers linked to the Chinese government breached its systems using a vulnerability in Microsoft's software, according to media reports and public statements by Microsoft at the time (https://www.washingtonpost.com/national-security/2023/07/12/microsoft-hack-china/). Subsequently, in January of 2024, Microsoft disclosed that Russian nation-state hackers broke into its systems and stole customer secrets that were contained in emails between Microsoft and the customers (https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/).
Microsoft is the world's largest cybersecurity software provider by total sales, and one of the largest cybersecurity providers for the federal government, so it is in the public's interest to understand how the company responds to breaches that impact federal agency customers.
Therefore, I am requesting the following records:
- All digital and paper correspondence (such as electronic mail and paper mail) between CISA and representatives or employees from Microsoft Corporation from June 1, 2023 to present. Please include any attachments in responsive digital forms of correspondence.
The requested documents will be made available to the general public, and this request is not being made for commercial purposes.
In the event that there are fees, I would be grateful if you would inform me of the total charges in advance of fulfilling my request. I would prefer the request filled electronically, by e-mail attachment if available or CD-ROM if not.
Thank you in advance for your anticipated cooperation in this matter. I look forward to receiving your response to this request within 20 business days, as the statute requires.
Sincerely,
Aaron Holmes
From: Department Of Homeland Security Cisa (cybersecurity And Infrastructure Security Agency)
Good afternoon,
Attached is our acknowledgment of your CISA FOIA request. If you need to contact this office again concerning your request, please provide the CISA reference number. This will enable us to quickly retrieve the information you are seeking and reduce our response time. This office can be reached at 866-431-0486.
Regards,
DHS Privacy Office
Disclosure & FOIA Program
STOP 0655
Department of Homeland Security
245 Murray Drive, SW
Washington, DC 20528-0655
Telephone: 1-866-431-0486 or 202-343-1743
Fax: 202-343-4011
Visit our FOIA website https://www.dhs.gov/foia
-
1364822-20240318144657575
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Freedom of Information Act request, copied below, and originally submitted on March 14, 2024. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Aaron Holmes
Hi Mr. Wolfrey,
Thank you for your reply. I'm following up about my request (reference number 2024-NPFO-00292).
Given your determination that my initial request was too broad in scope, I am narrowing my request to only include the following records:
- All digital correspondence (such as electronic mail) from June 1, 2023 to present between representatives or employees from Microsoft Corporation and the following CISA officers: Jen Easterly, Nitin Natarajan, Brandon Wales, Kathryn Coulter Mitchell, Eric Goldstein, David Mussington, Billy Bob Brown, Jr., and Alaina Clark. Please include any attachments in responsive digital forms of correspondence.
Thank you in advance,
Aaron Holmes
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Freedom of Information Act request, copied below, and originally submitted on March 14, 2024. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Freedom of Information Act request, copied below, and originally submitted on March 14, 2024. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.