this source is a bit better and answers a couple questions.
first the verification wasn't just "click this link to prove you own this email"
>That account verification process meant that developers were required to upload their government-issued ID before they were allowed to publish potentially highly sensitive code to the broader Windows user base.
Also according to at least one affected user they didn't actually get notified of the process.
> “Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.
alt Hacker News
this source is a bit better and answers a couple questions.
first the verification wasn't just "click this link to prove you own this email"
>That account verification process meant that developers were required to upload their government-issued ID before they were allowed to publish potentially highly sensitive code to the broader Windows user base.
Also according to at least one affected user they didn't actually get notified of the process.
> “Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.