iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
A major Microsoft data breach has led to US government emails being hacked, according to new reports.
Hackers connected to a China-based cyber crime group breached Microsoft’s Outlook email systems back in May, according to Microsoft.
Now, sources close to the investigation have said that US government emails belonging to Commerce Secretary Gina Raimondo have been compromised as a result of the recent Microsoft 365 hack.
“Microsoft notified the department of a compromise to Microsoft’s Office 365 system, and the department took immediate action to respond,” said a department spokesperson to ABC News.
“We are monitoring our systems and will respond promptly should any further activity be detected. The department maintains strong cyber security protections, which we update to address a rapidly evolving cyber security landscape.”
The breach was detected last month, but investigations have shown that the breach occurred back in May.
Raimondo was likely targeted by China for the Iran-related sanctions her department had been imposing on China.
When asked about the sanctions last month, a spokesperson for China’s Commerce Ministry said: “The US action lacks factual basis and due process, harming the legitimate rights and interests of Chinese enterprises and individuals.
“China will take necessary measures to resolutely safeguard the legitimate rights and interests of Chinese enterprises and individuals.”
Microsoft has said that the hacker behind the attack is a China-based threat actor with the name Storm-0558, who is known for focusing on western European government agencies and primarily engages in data theft and espionage.
Alongside Raimondo, a number of government agencies were also affected by the breach, with details being disclosed by a joint cyber security advisory that was released by the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) on 12 July.
“In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment,” it said.
“Microsoft determined that advanced persistent threat (APT) actors accessed and exfiltrated unclassified Exchange Online Outlook data.”
Alongside the Commerce Department, CNN and The Washington Post reported the US State Department was also hit, as well as a US human rights advocate and several US think tanks.
When questioned about the cyber attack by Bloomberg, China denied the breach and instead said that the information the accusations were based on was American and that the US was “actually the biggest hacking empire and global cyber thief”.
Be the first to hear the latest developments in the cyber industry.
