@dangoodin I don't think Microsoft ever acknowledges vulnerabilities in their cloud services (also there's no CVEs for cloud), and you don't say breach at Microsoft.

So if you Ctrl+F I doubt you will find vulnerability or breach in relation to Microsoft.

They did say "exploit" in the original MSRC blog in relation to Microsoft's cloud services, and you exploit a vulnerability. So I think it's fair to say that, yes, they had vuln(s).