Microsoft has disclosed that a significant cyberespionage campaign orchestrated by Chinese state-linked hackers has targeted approximately 25 organizations, including government agencies. The tech giant has not disclosed the names of the affected organizations or governments, but the United States government has reported the incident to Microsoft.
According to Adam Hodge, spokesperson for the National Security Council, the intrusion impacted Microsoft’s cloud security and affected unclassified systems. Upon discovering the breach, officials promptly contacted Microsoft to identify the source and vulnerability in their cloud service.
While the number of affected U.S. email accounts is currently believed to be limited, the attack appears to have been targeted, with no indication of compromise in Pentagon, intelligence community, and military email accounts, as reported by The Washington Post, citing an unnamed source.
Microsoft has named the hacking group responsible for the cyberattacks as Storm-0558. The group employed forged digital authentication tokens to gain unauthorized access to webmail accounts utilizing Microsoft’s Outlook service. The campaign began in May, and Microsoft has been actively working with the targeted organizations, providing them with crucial information to aid in their investigations and response.
China’s Embassy in London has not yet responded to requests for comment. It is important to note that China consistently denies engaging in state-backed hacking campaigns.