In Washington on September 27th, a Senate staff member disclosed to Reuters that Chinese hackers, who successfully infiltrated Microsoft’s email platform earlier this year, were able to pilfer tens of thousands of emails from U.S. State Department accounts. The staff member, who had attended a briefing conducted by State Department IT personnel, relayed that officials informed lawmakers that 60,000 emails were taken from 10 State Department accounts. Among the victims, nine were focused on East Asia and the Pacific, while one was engaged with European affairs, as outlined in an email sharing the briefing’s details. The staff member requested anonymity.
The staff member is employed by Senator Eric Schmitt.
In July, both U.S. officials and Microsoft reported that hackers linked to the Chinese government had been infiltrating email accounts at approximately 25 entities, including the U.S. Departments of Commerce and State, since May. The full scope of this breach remains uncertain.
The accusations made by the United States, attributing the breach to China, have added tension to the already strained relations between the two nations, with Beijing denying any involvement in the incident.
The State Department personnel whose accounts were compromised were mainly working on diplomatic matters concerning the Indo-Pacific region. Moreover, in the Wednesday briefing, it was disclosed that the hackers managed to acquire a complete list of all the department’s emails.
This substantial security breach has refocused scrutiny on Microsoft’s pivotal role in providing IT services to the U.S. government. In response, the State Department has embarked on a shift toward “hybrid” environments that involve multiple vendor companies and has stepped up the implementation of multi-factor authentication as part of its measures to bolster system security, as detailed by officials in the briefing.
During the briefing, it was revealed that the hackers compromised a Microsoft engineer’s device, which served as their entry point to infiltrate the email accounts of the State Department.
Earlier this month, Microsoft acknowledged that a breach affecting senior officials at the U.S. State and Commerce Departments originated from the compromise of a Microsoft engineer’s corporate account.
In response to the briefing, Senator Schmitt issued a statement conveyed by the staff member via email to Reuters, expressing the need to strengthen defenses against such cyberattacks and intrusions. He also emphasized the importance of scrutinizing the federal government’s reliance on a single vendor as a potential vulnerability.
A Microsoft spokesperson did not immediately provide a comment regarding the Senate briefing. The company, which has faced criticism regarding its security practices since the breaches occurred, has stated that the hacking group responsible for these incidents, referred to as Storm-0558, had successfully breached webmail accounts operating on its Outlook service.
Efforts to obtain comments from the State Department on Wednesday were unsuccessful, and Senator Schmitt was not available for an interview.
Reported by Raphael Satter and Zeba Siddiqui; Edited by Leslie Adler.
