Facebook has confirmed its role. A spokesman told Reuters that it had deleted accounts associated with the Lazarus Group, the hacking team associated with WannaCry and other campaigns, and had notified users who'd had contact with those accounts. It recommended additional security measures in case they might be victims. Microsoft didn't initially comment on Bossert's statements.
Without more targeted accusations or political actions, the revelations don't accomplish much more than fueling the administration's existing arguments that North Korea is running out of time to mend its ways. We certainly wouldn't expect North Korea to change course. However, it does illustrate how comprehensive North Korea's hacking campaign really is. On top of this, it shows how major tech companies like Facebook and Microsoft are effectively being drafted into a wider political conflict -- in many cases, they're first line of defense against North Korean hacks that could prove devastating.