A new report claims that Microsoft withheld important information from the Defense Department regarding the company’s use of Chinese-based employees. The new report has sparked an investigation by the Pentagon.
According to a 2025 security plan obtained by ProPublica, while Microsoft is required to submit security plans to the Defense Department regarding how the technology company plans to protect the government’s computer systems, the company did not disclose the use of Chinese-based employees to work on sensitive computer systems for the Pentagon.
ProPublica reported that the Defense Department launched an investigation of technology companies using foreign operators to work on sensitive systems in the aftermath of the outlet’s report on Microsoft’s controversial practices last month. The outlet revealed that Microsoft uses “digital escorts,” identified as U.S. personnel with security clearances, to supervise engineers based in foreign countries who work on the Pentagon’s cloud systems.
According to ProPublica, Microsoft did not notify the Defense Department that some of the employees who were not screened to access the Azure Government cloud platform included foreign citizens based in other countries. ProPublica’s report has led to a quick response and an investigation by the Pentagon.
In a memorandum last month, Secretary of Defense Pete Hegseth wrote, “I direct the Department of Defense (DoD) Chief Information Officer (CIO), in coordination with the Under Secretaries of Defense for Acquisition and Sustainment, Intelligence and Security, and Research and Engineering, to take immediate actions to ensure to the maximum extent possible that all information technology capabilities, including cloud services, developed and procured for DoD are reviewed and validated as secure against supply chain attacks by adversaries such as China and Russia.”
READ MORE: Radio system used by military, law enforcement exposed through major vulnerabilities
In a letter to Hegseth last month, Sen. Tom Cotton, the chairman of the Senate Select Committee on Intelligence, warned that the Defense Department needs to take action and avoid “contracts and oversight processes that fail to account for the growing Chinese threat.”
“As we learn more about these ‘digital escorts’ and other unwise — and outrageous — practices used by some DoD partners, it is clear the Department and Congress will need to take further action,” Cotton stated. “We must put in place the protocols and processes to adopt innovative technology quickly, effectively, and safely.”
Hegseth’s office told ProPublica on Friday that the Pentagon had completed its investigation into the use of foreign employees by technology companies and that the Pentagon “identified a series of possible actions the Department could take.”
Hegseth’s office added, “As with all contracted relationships, the Department works directly with the vendor to address concerns, to include those that have come to light with the Microsoft digital escort process.”
