Security News > 2023 > August > US cyber safety board to analyze Microsoft Exchange hack of govt emails
The Department of Homeland Security's Cyber Safety Review Board has announced plans to conduct an in-depth review of cloud security practices following recent Chinese hacks of Microsoft Exchange accounts used by US government agencies.
In mid-July 2023, Microsoft reported that a Chinese hacking group tracked as 'Storm-0558' breached the email accounts of 25 organizations, including US and Western European government agencies, using forged authentication tokens from a stolen Microsoft consumer signing key.
After working with CISA to identify crucial logging data needed to detect attacks, Microsoft announced that they now offer it for free to all Microsoft customers.
Wiz revealed that the Chinese hackers could have used the compromised key to access various Microsoft applications and any customer applications that supported Microsoft Account authentication, so the incident might not be limited to accessing and exfiltrating emails from Exchange servers.
Stolen Microsoft key offered widespread access to Microsoft cloud services.
Microsoft: Chinese hackers breached US govt Exchange email accounts.
News URL
Related news
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) (source)
- Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now (source)
- US minerals company says crooks broke into email and helped themselves to $500K (source)
- Week in review: PostgreSQL 0-day exploited in US Treasury hack, top OSINT books to learn from (source)
- Microsoft unveils finalized EU Data Boundary as European doubt over US grows (source)
- US seizes domain of Garantex crypto exchange used by ransomware gangs (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Week-long Exchange Online outage causes email failures, delays (source)