In May and for a couple of month, Microsoft saw a token-theft attack impacting its email services.
This was caused by an expired private key that leaked and had fallen in the hand of the storm-0558 group who take advantage to get access to email accounts of an FCEB agency working for the US government