Suspected Chinese Hack on US Government Worse Than Previously Thought: Cyber Researchers

A recent cybersecurity breach of U.S. government emails may have reached further than initially thought, according to a new report by the cybersecurity firm Wiz.inc. Earlier this month, Microsoft and U.S. government cybersecurity experts identified a breach of email systems tied to 25 organizations, including several U.S. government agencies. Microsoft attributed the security breach, which likely occurred in May, to a Chinese government-linked hacking group called Storm-0558. According to Microsoft, Storm-0558 obtained a private encryption key, known as an MSA key, and used it to forge access tokens for the Outlook Web Access (OWA) and Outlook.com services. The U.S. government has provided few details about the exact extent of this hacking incident. Reports have indicated that email accounts for U.S. Commerce Secretary Gina Raimondo were impacted, as were accounts belonging to U.S. Ambassador to China Nicholas Burns, and Assistant Secretary of State for East Asian and Pacific Affairs Daniel Kritenbrink. At a July 12 press briefing, officials with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said that no sensitive information was stolen during the hack. Microsoft assessed that the hack only impacted its Outlook.com and Exchange Online services.