Security News > 2023 > September > Microsoft breach led to theft of 60,000 US State Dept emails
Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May. During a recent Senate staff briefing, U.S. State Department officials disclosed that the attackers stole at least 60,000 emails from Outlook accounts belonging to State Department officials stationed in East Asia, the Pacific, and Europe, as Reuters first reported.
Microsoft did not disclose specific details regarding the affected organizations, government agencies, or countries impacted by this email breach.
"Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service. We continue to hold the procurement providers of the US Government to a high security threshold."
Earlier this month, Microsoft disclosed that the threat group first obtained a consumer signing key from a Windows crash dump, a breach facilitated after compromising the corporate account of a Microsoft engineer, which enabled access to the government email accounts.
Under pressure from the Cybersecurity and Infrastructure Security Agency, Microsoft has also agreed to broaden access to cloud logging data at no cost, which would help network defenders identify potential breach attempts of a similar nature in the future.
US cyber safety board to analyze Microsoft Exchange hack of govt emails.
News URL
Related news
- AT&T delays Microsoft 365 email delivery due to spam wave (source)
- 'Four horsemen of cyber' look back on 2008 DoD IT breach that led to US Cyber Command (source)
- Microsoft shares temp fix for Outlook encrypted email reply issues (source)
- Nissan infosec in the spotlight again after breach affecting more than 50K US employees (source)
- Product showcase: Alert – Data breach detector for your email, credit card, and ID (source)
- Cencora data breach exposes US patient info from 8 drug companies (source)
- Cencora data breach exposes US patient info from 11 drug companies (source)