China-based hackers have conducted a widespread espionage campaign, successfully breaching email accounts at approximately two dozen organizations, including several US government agencies, as confirmed by Microsoft and the White House.
The investigation to determine the full extent of the hack is ongoing, with US officials and Microsoft working to assess the impact and mitigate the fallout. The State Department was the first federal agency to detect the suspicious activity and promptly reported it to Microsoft.
Multiple sources familiar with the investigation revealed that the Chinese hackers specifically targeted a select number of federal agencies and a limited number of officials’ email accounts at each agency. The breach aimed to acquire sensitive information and involved successful penetrations of at least two executive branch agencies, including the State Department and the Department of Commerce.
Additionally, email accounts at the House of Representatives were targeted, but it remains unclear whether the breach attempts were successful.
While the identity of the hackers was not explicitly disclosed, Microsoft executives confirmed that the hackers were based in China and focused on conducting espionage activities. US officials have consistently identified China as a highly capable adversary in cyberspace, with the FBI highlighting Beijing’s extensive hacking program. The hacking campaign began in mid-May when the hackers exploited stolen sign-in keys to gain unauthorized access to email accounts.
Microsoft has since taken measures to block the hackers’ access to customer emails using this technique.
An investigation is underway within the US government to fully comprehend the scope of the hack and its implications. US officials continue to label China as a significant cyber threat, while Beijing consistently denies the allegations.
The Chinese Embassy in Washington, D.C., has not responded to requests for comment regarding the Microsoft findings. The hacking incident serves as a reminder of the persistent cybersecurity challenges faced by governments and organizations worldwide, highlighting the need for robust security measures to safeguard sensitive information.