Microsoft Corp experts concluded several years ago that Chinese
authorities had hacked into more than a thousand Hotmail email
accounts, targeting international leaders of China’s Tibetan and
Uighur minorities in particular — but it decided not to tell the
victims, allowing the hackers to continue their campaign,
according to former employees of the company. […]
After a vigorous internal debate in 2011 that reached Microsoft’s
top security official, Scott Charney, and its then-general counsel
and now president, Brad Smith, the company decided not to alert
the users clearly that anything was amiss, the former employees
said. Instead, it simply forced users to pick new passwords
without disclosing the reason.
The employees said it was likely the hackers by then had footholds
in some of the victims’ machines and therefore saw those new
passwords being entered.
One of the reasons Microsoft executives gave internally in 2011
for not issuing explicit warnings was their fear of angering the
Chinese government, two people familiar with the discussions said.