What is remarkable, and it pains me to say this, is that Microsoft isn't on that list. With all the telemetry data they collect, they might have some good data stored. I'm sure people are trying to hack it, even right this minute.
They seem pretty capable, so far, of keeping their own collected data secured.
Some of these breaches, for instance the Gmail/Google breach, might have not been a breach of there systems at all. So far for that example (but there are more), one could apply that to Outlook/MS and get identical results. Aka; hack some service that has millions of emails/password (accumulated), filter all gmail emails, try to login to gmail with that compbi and if it works, put them into the list of 'hacked gmail accounts'.
Not trying to stick up for Google here, but, like MS, there seems to not be a real breach there.
They seem pretty capable, so far, of keeping their own collected data secured.