The email accounts of Commerce Secretary Gina Raimondo and officials from the State Department were among those affected by the breach carried out by Chinese hackers targeting a vulnerability in Microsoft’s cloud platform, officials confirmed Wednesday.
U.S. Secretary of Commerce Gina Raimondo speaks during the The Broadband Event at the White House in ... [+]
Both the Commerce Department and State Department confirmed to the press that their systems were affected by the breach.
On Tuesday, Microsoft disclosed that around 25 organizations—including some U.S. government entities—were affected by the hack.
Raimondo is the only Cabinet member who was impacted by the breach, which only affected unclassified government systems, the Washington Post reported.
The State Department was the first to discover the breach last month and “took immediate steps” to secure its systems and notified Microsoft—according to department spokesperson Matthew Miller.
The Commerce Department was notified about the breach by Microsoft and it took “immediate action to respond,” a spokesperson told the press without providing exact details.
Miller said the intrusion remains under investigation but refused to say if Washington will raise the issue with Beijing, as the government has not yet publicly attributed the hack to any country.
In a blog post late Tuesday, Microsoft disclosed that “a China-based actor” known as Storm-0558 exploited a vulnerability in its system to gain access to the emails of around two dozen organizations. The hackers were able to gain access through accounts that used the company’s Outlook mail service using forged authentication tokens, which allowed them to impersonate a user. Microsoft began investigating the issue on June 16, after being informed about it by the state department and has since fixed the vulnerability.
Chinese Hackers Gained Access To Some U.S. Government Emails, Microsoft Says (Forbes)
Chinese hackers breach email of Commerce Secretary Raimondo and State Department officials (Washington Post)