Microsoft to stop using China-based teams to support Department of Defense
Ars Technica 2025-07-26
Last week, Microsoft announced that it would no longer use China-based engineering teams to support the Defense Department’s cloud computing systems, following ProPublica’s investigation of the practice, which cybersecurity experts said could expose the government to hacking and espionage.
But it turns out the Pentagon was not the only part of the government facing such a threat. For years, Microsoft has also used its global workforce, including China-based personnel, to maintain the cloud systems of other federal departments, including parts of Justice, Treasury and Commerce, ProPublica has found.
This work has taken place in what’s known as the Government Community Cloud, which is intended for information that is not classified but is nonetheless sensitive. The Federal Risk and Authorization Management Program, the US government’s cloud accreditation organization, has approved GCC to handle “moderate” impact information “where the loss of confidentiality, integrity, and availability would result in serious adverse effect on an agency’s operations, assets, or individuals.”