Business
Chinese hackers accessed US govt emails by exploiting bug: Microsoft
San Francisco, July 12
Microsoft has revealed that Chinese hackers have exploited a flaw in its cloud email service to gain access to email accounts affecting approximately 25 organisations including government agencies as well as related consumer accounts of individuals likely associated with these organisations.
The tech giant has published details of activity by a China-based actor it is tracking as "Storm-0558".
"We have been working with the impacted customers and notifying them prior to going public with further details. At this stage -- and in coordination with customers -- we are sharing the details of the incident and threat actor to benefit the industry," said Charlie Bell, Executive Vice President, Microsoft Security.
This China-based hacking group is focused on espionage, such as gaining access to email systems for intelligence collection. This type of espionage-motivated adversary seeks to abuse credentials and gain access to data residing in sensitive systems.
"Our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email data from approximately 25 organizations, and a small number of related consumer accounts of individuals likely associated with these organizations," the company said in its latest blog post.
They did this by using forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key. Microsoft said it has completed mitigation of this attack for all customers.
"We added substantial automated detections for known indicators of compromise associated with this attack to harden defenses and customer environments, and we have found no evidence of further access," said the company.
"We've also been partnering with relevant government agencies like the Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA). We are thankful they and others are working with us to help protect affected customers and address the issue," the tech giant added.
1 hour ago
Malabar Gold & Diamonds Proudly Represents India’s Global Business Vision at PM Modi’s ‘Kia Ora Modi’ event in Auckland, New Zealand
1 hour ago
Didi Krishna’s Message to Physicians at AAPI Convention 2026: A Sacred Blueprint for Physicians as Healers
1 hour ago
Deeply disappointed: 'Melbourne Meets Modi' organisers on 'paid crowd' claims of Rahul, Kharge; seek apology
1 hour ago
‘This is just the beginning’: Tendulkar hails landmark Lord’s Test as defining moment for women’s cricket
1 hour ago
Successive reports on presence of foreign operatives in and around India raises serious concern
5 hours ago
India strongly condemns the attack on vessels transiting Strait of Hormuz
7 hours ago
Devi Sri Prasad on S Janaki amma: Words cannot justify the greatness of this legend!
7 hours ago
Boney Kapoor on daughter Anshula's wedding: ‘It's a memory i'll carry forever’
7 hours ago
Mugdha Godse opens up about her small contribution to Marathi film 'Frame'
7 hours ago
S Janaki's granddaughter Apsara Vydyula: Don’t measure my love for my grandmother by the tears you do or do not see!
7 hours ago
Actress Bhavana clarifies that she does not have a Facebook account!
7 hours ago
Ajay Devgn looks back at 20 years of ‘Golmaal’, calls the journey full of unlimited fun
7 hours ago
Krystle D’Souza calls Awakenings 2026 a core memory, says she’s ‘ruined for every other festival now’
