Big breach in Microsoft’s cloud

© iStock.

Microsoft announced that starting May 15, a China-based group of hackers named Storm-0558 infiltrated an unspecified number of email accounts. The intent was most likely to collect information from approximately 25 organizations, including Western Europe and US government agencies. According to the Washington Post, the US government first detected the attack and alerted Microsoft. “Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” explained National Security Council spokesperson Adam Hodges. The group, which used forged authentication tokens to access the breached email accounts, went unnoticed for a month until Microsoft started its investigation on June 16 on the basis of “customer-reported information.” Microsoft states it has strengthened security by adding “substantial automated detections” that give the alert when an attack takes place, and it is currently working with the Department of Homeland Security’s cyber defense agency to protect the users whose accounts were targeted.

⇨ The Verge, Jess Weatherbed, “Chinese hackers breached US government emails via Microsoft Cloud exploit.”

⇨ Ars Technica, Andy Greenberg, “How a cloud flaw gave Chinese spies a key to Microsoft’s kingdom.”

2023-07-13