Flaw in Microsoft Code let Chinese hackers breach US ambassador’s emails in the cloud

According to The Wall Street Journal, China-linked hackers recently breached the cloud email accounts of U.S. Ambassador to China Nicholas Burns and Daniel Kritenbrink, Assistant Secretary of State for East Asia, in a targeted intelligence-gathering campaign.

The attack was part of a larger cyber espionage campaign, which revealed that China-based hackers had breached also Secretary of Commerce Gina Raimondo’s email account as well as email accounts of about 25 organizations, including some U.S. government agencies.

Microsoft disclosed that Chinese hackers had obtained one of its digital keys and exploited a vulnerability in its code to steal emails from U.S. government agencies and other clients.

Once again, China’s attack on US government cloud email accounts from Microsoft highlights the critical importance of securing data and using on premises solutions to share and store sensitive information: if data security is a top priority for you organization, please consider our Hushmail solution.