Security News > 2023 > September > Chinese snoops stole 60K State Department emails in that Microsoft email heist
Chinese snoops stole about 60,000 State Department emails when they broke into Microsoft-hosted Outlook and Exchange Online accounts belonging to US government officials over the summer.
"No classified systems were hacked," said State Department spokesperson Matthew Miller during a press briefing Thursday.
The emails exfiltrated from Microsoft's cloud belonged to 10 State Department officials, nine of whom were working on Indo-Pacific diplomatic efforts, according to Politico.
While the State Department has not yet formally blamed China or one of its cyber-espionage crews for the break-in, "We have no reason to doubt the attribution that Microsoft has made publicly," Miller said during the briefing.
The State Department uncovered the breach in July and notified Microsoft, which then attributed the intrusion to a China-based threat actor it tracks as Storm-0558.
In total, the crooks gained access to email data from around 25 organizations, which also included the US Commerce Department, Microsoft said at the time.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/09/28/chinese_hackers_stole_60000_state/
Related news
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- Microsoft 365 Admin portal abused to send sextortion emails (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)