Microsoft is firmly involved in this....
Recently we had to fend off a highly sophisticated attack against a 365 instance, that was being targeted from INSIDE a microsoft data center via AZURE.
to top it off MS has recently cut all DIRECT support services to 365 clients in certain areas , instead insisting that you explain it to your local "partner" who will then look at it for a week, before deciding to pass it up the chain to MS.
However hte "partners" allocated by MS ..seem to think that they only handle licensing and are not responsible to support hte product, instead wanting service contracts for support.
so.. Cloud attacks from inside AZURE from known criminal gangs against exactly the SAME customers who pay MS to support their 365 instances
and becasue the attack comes from WITHIN microsoft, there is no possibility of tracking the attacks or mitigating tehm as they are passed from country to country, within the Microsoft cloud.
But MS will sell you a very expensive set of security tools to analise attacks that they are enabling.... it sounds more like an scene from the "godfather" than a professional company offering data center services.
WHY would Microsoft ALLOW internal customers to access another customers resources?
Especially when there is NO history or authorization passed to the external entity.