How crazy is it that Microsoft is not even monitoring/alerting on commands like, "whoami" being issued on their managed systems? Wow.

I wonder if alerts did come in, but Microsoft didn't respond quickly enough. That's giving them the benefit of the doubt, though; very possible they weren't monitoring this system. If they were, they probably would have identified the fact that it was exposed to the internet via a public GitHub repository....

Agreed. That was a great read and cautionary tale about not following best practices!