Cyber Security News

Chinese Hackers Breached Microsoft’s Email Platform to Steal 60,000+ US Govt Emails

In a significant cybersecurity breach, Chinese hackers infiltrated Microsoft’s email platform earlier this year and stole tens of thousands of emails from U.S. State Department accounts, according to information shared by a Senate staffer who attended a briefing by State Department IT officials.

The breach came to light as State Department IT officials revealed that approximately 60,000 emails were stolen from ten State Department accounts during the attack.

Notably, nine of the affected accounts were linked to individuals working on matters concerning East Asia and the Pacific, while one account was focused on European affairs.

This revelation is part of an ongoing investigation into a series of cyberattacks that have rocked various U.S. organizations. 


Sophisticated Infiltration:

In July, both U.S. officials and Microsoft disclosed that state-linked Chinese hackers had gained unauthorized access to email accounts in approximately 25 different organizations, including the U.S. Commerce and State Departments. 

However, the full extent of the compromise and the potential consequences of the stolen emails remain unclear, according to the Reuters report.

The allegations that China was responsible for these cyberattacks have further strained already tense relations between the United States and China. 

Beijing has vehemently denied any involvement in these breaches.

The compromised State Department email accounts were primarily used for Indo-Pacific diplomacy efforts. 

Shockingly, the hackers also managed to obtain a comprehensive list containing all of the department’s emails.

This high-profile breach has put the spotlight on Microsoft’s substantial role in providing IT services to the U.S. government. 

Calls for Action:

The State Department has initiated measures to enhance its cybersecurity defenses. 

These measures include transitioning to “hybrid” environments that involve multiple vendor companies and increasing the adoption of multi-factor authentication.

The hackers’ initial point of entry into the State Department’s systems was the compromise of a Microsoft engineer’s device, which provided them access to the State Department’s email accounts, according to details shared during the briefing.

Senator Eric Schmitt, whose staffer provided these details, emphasized the need for stronger cybersecurity defenses and called for a reevaluation of the federal government’s reliance on a single vendor for critical services.

Microsoft did not immediately comment on these developments.

The tech giant has faced scrutiny over its security practices in the wake of these breaches and previously stated that the hacking group behind the attacks, known as Storm-0558, had targeted webmail accounts operating on the company’s Outlook service.

Efforts to reach the State Department for comment were unsuccessful at the time of this report, and Senator Schmitt was not available for further interviews. 

This breach serves as a stark reminder of the evolving nature of cyber threats and the critical importance of securing sensitive government information in an increasingly digital world.


Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
