Chinese cyberspies breached the email accounts of around 25 organizations, including U.S. government agencies, according to Microsoft and others. The hacking group, referred to as Storm-0558, used forged identity authentication tokens to access some individual Outlook webmail accounts. Chinese hackers exploited a critical loophole in Microsoft's cloud infrastructure, allowing them to conduct a targeted hack on unclassified U.S. email accounts. - The vulnerability was discovered by the U.S. government in June, about a month after the hacking incidents started.
- Although Microsoft didn't disclose the specific agencies affected, the company said the hacking group primarily targets Western European governments for espionage and data theft.
- Adam Hodge from the White House's National Security Council confirmed no classified U.S. networks were affected, and investigations continue to assess the extent of the information breach.
The targeted and sophisticated nature of the attack suggests involvement either by or on behalf of China's intelligence service. - While the breach is smaller in scale compared to recent incidents, it still poses a threat to U.S.-China relations.
|
