According to Microsoft, a group of hackers based in China has successfully breached the email accounts of approximately 25 organizations, including government agencies. The software company has not disclosed the specific locations of the affected government agencies. However, the US Department of Commerce has confirmed to the BBC that Microsoft has alerted them regarding the attack.
Reports indicate that the breach impacted Secretary of Commerce Gina Raimondo among other individuals.
“Microsoft notified the Department of a compromise to Microsoft’s Office 365 system, and the Department took immediate action to respond,” a US Department of Commerce spokesperson told the BBC.
“We are monitoring our systems and will respond promptly should any further activity be detected,” they added.
US media reported that the hackers had also targeted the State Department.
The State Department did not immediately respond to a BBC request for comment.
China’s embassy in London told the Reuters news agency that the accusation was “disinformation” and called the US government “the world’s biggest hacking empire and global cyber thief.”
Microsoft said the China-based hacking group – which it refers to as Storm-0558 – had accessed email accounts by forging digital authentication tokens required by the system. Typically, individuals use the tokens to verify their identity.
“Storm-0558 primarily targets government agencies in Western Europe and focuses on espionage, data theft, and additionally, credential access,” the firm said.
The company said its investigations found that the breaches began in the middle of May and that it has now “mitigated the attack and have contacted impacted customers.”
“We added substantial automated detections for known indicators of compromise associated with this attack… and we have found no evidence of further access,” it added.
In May, Microsoft and Western spy agencies said Chinese hackers had used “stealthy” malware to attack critical infrastructure on American military bases in Guam. Moreover, experts labeled it as one of the largest cyber espionage campaigns ever seen against the US.