Chinese intelligence successfully hacked into Microsoft email accounts of around two dozen government agencies, including the U.S. State Department and Western European entities, in a significant cyber breach, as confirmed by Microsoft and U.S. national security officials.
Sen. Mark Warner, Chair of the Select Committee on Intelligence, stated that the Senate Intelligence Committee is closely monitoring the breach, emphasizing the need for close coordination between the U.S. government and private sector to counter the growing cyber threats posed by China.
Microsoft’s cybersecurity teams managed to mitigate the compromise after being alerted about the breach in mid-June 2023. The hacking group, codenamed Storm-0558 by Microsoft, targeted personal accounts associated with the affected agencies, most likely belonging to agency employees.
U.S. government officials identified the intrusion and reported it to Microsoft. Although the specific agencies impacted were not disclosed, the FBI and the Cybersecurity and Infrastructure Security Agency acknowledged that the first report came from a single executive branch agency.
Microsoft, being a major government contractor with widely used Exchange software, has been investing in cybersecurity research and threat containment. This breach follows a similar espionage effort by a Chinese state-backed group targeting critical U.S. civilian and military infrastructure.
The incident serves as a timely reminder of the ongoing cyber threat posed by China, as warned by top U.S. cybersecurity officials, including the characterization of China as an “epoch-defining” threat by Jen Easterly, the top U.S. cybersecurity official.