I feel as if we've not even scratched the surface in terms of well resourced hostile actors compromising hosted cloud services

can you imagine what would happen if the GRU got into the Teams backend with several year's history?

now consider that the only thing protecting that data is Microsoft software and their internal processes