Security News > 2023 > July > Microsoft: Chinese hackers breached US govt Exchange email accounts

Microsoft: Chinese hackers breached US govt Exchange email accounts
2023-07-12 12:51

A Chinese hacking group has breached the email accounts of more than two dozen organizations worldwide, including U.S. and Western European government agencies, according to Microsoft.

"Microsoft investigations determined that Storm-0558 gained access to customer email accounts using Outlook Web Access in Exchange Online and Outlook.com by forging authentication tokens to access user email," Microsoft said in a blog post published late Tuesday evening.

The incident was reported to Microsoft by U.S. government officials last month after the discovery of unauthorized access to Microsoft cloud-based email services.

This was confirmed by National Security Council spokesperson Adam Hodge in a statement shared with CNN. "Last month, US government safeguards identified an intrusion in Microsoft's cloud security, which affected unclassified systems," Hodge told CNN. "Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service. We continue to hold the procurement providers of the US Government to a high security threshold."

On Tuesday, Microsoft also revealed that the RomCom Russian-based cybercriminal group exploited an unpatched Office zero-day in recent spear-phishing attacks targeting organizations attending the NATO Summit in Vilnius, Lithuania.

Microsoft rebrands Azure Active Directory to Microsoft Entra ID. Amazon's AppStore is getting more apps and games on Windows 11.


News URL

https://www.bleepingcomputer.com/news/security/microsoft-chinese-hackers-breached-us-govt-exchange-email-accounts/