Two former senior Biden administration officials who played roles in the Justice Department's approval and use of a Microsoft government cloud product now hold top jobs at the tech giant, raising new questions after Chinese hackers breached the system.
Former DOJ chief information officer Melinda Rogers and former Deputy Attorney General Lisa Monaco were both tied to the department's handling of GCC, Microsoft's government cloud platform marketed as secure for federal agencies.
Public social media profiles show Rogers is now a partner in Microsoft's enterprise cloud division, while Monaco is the company's global affairs president.
Their moves come as scrutiny grows over how Microsoft secured and maintained a lucrative foothold in the federal government even as auditors reportedly raised concerns about the security of its cloud products.
A recent ProPublica investigation found that before Chinese hackers infiltrated GCC, federal officials auditing the product said Microsoft struggled to prove its cloud services were secure.
Even so, the DOJ adopted GCC in early 2020, a decision made by Rogers after third-party reviews and an internal audit.
That decision gave Microsoft a major boost by placing GCC on the government's official marketplace for cloud services — effectively giving the company an implicit federal seal of approval.
After that, GCC became the focus of a long-running dispute with federal auditors, who said Microsoft repeatedly failed to provide critical information about its security practices. Some auditors also raised concerns that the third-party organizations that initially cleared GCC had conflicts of interest because Microsoft paid them.
Then came the major breach.
In 2023, the White House told federal auditors that Chinese state-sponsored hackers had infiltrated the system and accessed emails and other data from the secretary of commerce, the U.S. ambassador to China, and other senior officials.
Afterward, auditors told Microsoft it would need to restart the approval process if it wanted full authorization. An anonymous DOJ official told ProPublica that Microsoft's government cloud point man, John Bergin, pushed the department to "throw around our weight" to secure authorization.
During a December meeting with auditors, Bergin argued they "should essentially just accept" GCC's security claims because DOJ already had. Rogers, according to ProPublica, backed Microsoft and pressed auditors to "get this thing over the line."
Eric Mill, former executive director for cloud strategy at the General Services Administration, said it was the "opinion of the staff and the contractors that she simply was not willing to put heat to Microsoft on this" and that the DOJ "was too sympathetic to Microsoft's claims."
Although auditors later concluded that "there is a lack of confidence in assessing the system's overall security posture," Microsoft's cloud services were still authorized.
In a statement to the Washington Examiner, Microsoft defended its hiring of both women.
"There is absolutely no connection between these hirings and any involvement they may have had with the authorization of GCC High," a company spokesperson said.
"As with the hiring of any former government employee, we comply fully with all rules, regulations, and ethical standards regarding their employment, including recusal requirements for work connected to their previous agencies or relevant subjects during the designated period," the spokesperson said.
Nicole Weatherholtz ✉
Nicole Weatherholtz, a Newsmax general assignment reporter covers news, politics, and culture. She is a National Newspaper Association award-winning journalist.
© 2026 Newsmax. All rights reserved.