Cyber Security News

Chinese Hackers Breached Microsoft’s Email Platform to Steal 60,000+ US Govt Emails

In a significant cybersecurity breach, Chinese hackers infiltrated Microsoft’s email platform earlier this year and stole tens of thousands of emails from U.S. State Department accounts, according to information shared by a Senate staffer who attended a briefing by State Department IT officials.

The breach came to light as State Department IT officials revealed that approximately 60,000 emails were stolen from ten State Department accounts during the attack.

Notably, nine of the affected accounts were linked to individuals working on matters concerning East Asia and the Pacific, while one account was focused on European affairs.

This revelation is part of an ongoing investigation into a series of cyberattacks that have rocked various U.S. organizations. 


Sophisticated Infiltration:

In July, both U.S. officials and Microsoft disclosed that state-linked Chinese hackers had gained unauthorized access to email accounts in approximately 25 different organizations, including the U.S. Commerce and State Departments. 

However, the full extent of the compromise and the potential consequences of the stolen emails remain unclear, according to the Reuters report.

The allegations that China was responsible for these cyberattacks have further strained already tense relations between the United States and China. 

Beijing has vehemently denied any involvement in these breaches.

The compromised State Department email accounts were primarily used for Indo-Pacific diplomacy efforts. 

Shockingly, the hackers also managed to obtain a comprehensive list containing all of the department’s emails.

This high-profile breach has put the spotlight on Microsoft’s substantial role in providing IT services to the U.S. government. 

Calls for Action:

The State Department has initiated measures to enhance its cybersecurity defenses. 

These measures include transitioning to “hybrid” environments that involve multiple vendor companies and an increased adoption of multi-factor authentication.

The hackers’ initial point of entry into the State Department’s systems was the compromise of a Microsoft engineer’s device, which provided them access to the State Department’s email accounts, according to details shared during the briefing.

Senator Eric Schmitt, whose staffer provided these details, emphasized the need for stronger cybersecurity defenses and called for a reevaluation of the federal government’s reliance on a single vendor for critical services.

Microsoft did not immediately comment on these developments.

The tech giant has faced scrutiny over its security practices in the wake of these breaches and previously stated that the hacking group behind the attacks, known as Storm-0558, had targeted webmail accounts operating on the company’s Outlook service.

Efforts to reach the State Department for comment were unsuccessful at the time of this report, and Senator Schmitt was not available for further interviews. 

This breach serves as a stark reminder of the evolving nature of cyber threats and the critical importance of securing sensitive government information in an increasingly digital world.


Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
