Categories: CyberCrimeSecurity

Chinese Hackers Stole 60,000 US State Department Emails

A hack of Microsoft’s Outlook email platform earlier this year resulted in the theft of roughly 60,000 emails from the US State Department, the agency has confirmed.

“Yes, it was approximately 60,000 unclassified emails that were exfiltrated as a part of that breach,” State Department spokesman Matthew Miller told a press conference.

He added that classified systems had not been hacked and that the emails were all unclassified.

“We have not made an attribution at this point, but, as I said before, we have no reason to doubt the attribution that Microsoft has made publicly,” Miller said

Emails stolen

“Again this was a hack of Microsoft systems that the State Department uncovered and notified Microsoft about.”

The official remarks followed reports of a briefing by State Department IT officials last week who said the emails had been stolen from 10 accounts within the department.

Nine of the accounts worked on East Asia and the Pacific and one worked on Europe, Reuters reported, citing an unnamed staffer who works for Senator Eric Schmitt.

US officials and Microsoft acknowledged in July that hackers suspected to be allied to the Chinese government had accessed the accounts of about 25 organisations, including the US Commerce and State Departments.

Microsoft revealed technical details of the attack last month, saying the attack group Storm-0558 had used an acquired Microsoft account (MSA) consumer key to forge tokens to access OWA (Outlook Web Access) and Outlook.com.

‘Harden our defences’

China has denied involvement in the hack.

The State Department staff whose accounts were compromised mostly focused on Indo-Pacific diplomacy, officials said at the briefing, adding that the hackers had obtained a list of all the department’s email accounts.

“We need to harden our defences against these types of cyberattacks and intrusions,” Schmitt said in an internal statement following the briefing, Reuters reported. “We need to take a hard look at the federal government’s reliance on a single vendor as a potential weak point.”

Following the hack Microsoft made cloud logging data more widely available at no cost, which could help security organisations identify similar breach attempts in the future.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

1 hour ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

3 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

4 hours ago