By Milcah Tanimu
Chinese hackers, who breached Microsoft’s email platform earlier this year, successfully stole tens of thousands of emails from U.S. State Department accounts, according to a Senate staffer who attended a briefing by State Department IT officials.
The staffer, who requested anonymity, disclosed that State Department officials informed lawmakers that approximately 60,000 emails had been stolen from ten State Department accounts. Among the victims, nine were focused on East Asia and the Pacific, while one worked on European affairs.
U.S. officials, along with Microsoft, revealed in July that Chinese state-linked hackers had gained access to email accounts at around 25 organizations, including the U.S. Commerce and State Departments. The extent of the breach remains uncertain.
These U.S. allegations accusing China of orchestrating the breach have further strained an already tense relationship between the two nations, with Beijing vehemently denying any involvement.
Most of the compromised State Department individuals were working on Indo-Pacific diplomacy efforts, and the hackers also acquired a list containing all of the department’s emails, as disclosed during the Wednesday briefing.
This extensive breach has renewed focus on Microsoft’s significant role in providing IT services to the U.S. government. In response, the State Department has initiated a move to “hybrid” environments involving multiple vendor companies and increased adoption of multi-factor authentication as part of its efforts to safeguard its systems.
According to the briefing, the hackers initially compromised a Microsoft engineer’s device, which then enabled them to breach the State Department’s email accounts.
Microsoft, earlier this month, attributed a hack of senior officials at the U.S. State and Commerce Departments to the compromise of a Microsoft engineer’s corporate account.
Senator Eric Schmitt, in response to the briefing, emphasized the need to strengthen defenses against cyberattacks and intrusions. He also called for a closer examination of the federal government’s reliance on a single vendor, citing it as a potential vulnerability.
As of now, Microsoft has not provided immediate comment on the Senate briefing. The company has faced criticism regarding its security practices following the breaches and had previously stated that the hacking group, known as Storm-0558, had compromised webmail accounts using its Outlook service.
Efforts to reach the State Department for comment were unsuccessful at the time of the report, and Senator Schmitt was unavailable for an interview.