According to Microsoft, hackers based in China have successfully gained unauthorized access to the email accounts of approximately 25 organizations, including government agencies.
The software giant has not disclosed the specific locations of the affected government agencies.
The US Department of Commerce has confirmed to the BBC that Microsoft alerted them to the breach.
Reports indicate that Secretary of Commerce Gina Raimondo was among the individuals impacted by the attack.
A spokesperson from the US Department of Commerce stated, “Microsoft notified the Department of a compromise to Microsoft’s Office 365 system, and the Department took immediate action to respond.”
They further assured that they are actively monitoring their systems and will promptly address any further suspicious activities.
US media outlets have reported that the hackers also targeted the State Department, although the State Department has not yet responded to the BBC’s request for comment.
In response to the accusations, China’s embassy in London dismissed them as “disinformation” and referred to the US government as “the world’s biggest hacking empire and global cyber thief,” according to Reuters.
Microsoft attributed the breach to a China-based hacking group that it refers to as Storm-0558.
The hackers accessed email accounts by forging digital authentication tokens required by the system, which are typically used to verify users’ identities.
“Storm-0558 primarily targets government agencies in Western Europe and focuses on espionage, data theft, and credential access,” Microsoft stated.
The investigation conducted by Microsoft revealed that the breaches began in mid-May. The company claims to have mitigated the attack and has contacted the affected customers.
Microsoft has implemented enhanced automated detections to identify known indicators of compromise associated with this attack. No evidence of further unauthorized access has been found.
In May, Microsoft and Western intelligence agencies disclosed a separate cyber espionage campaign in which Chinese hackers used stealthy malware to target critical infrastructure on US military bases in Guam.
This campaign was considered one of the largest cyber espionage operations against the US.
China has consistently denied involvement in hacking activities, disregarding available evidence and context.