Already a subscriber? Make sure to log into your account before viewing this content. You can access your account by hitting the “login” button on the top right corner. Still unable to see the content after signing in? Make sure your card on file is up-to-date.
Chinese hackers, previously linked to a Microsoft email breach, reportedly stole 60,000 emails from 10 US State Department accounts, a Senate staffer disclosed.
In a recent briefing attended by the Senate staffer, State Department IT officials revealed that the majority of the compromised accounts were linked to Indo-Pacific diplomacy operations. Furthermore, the hackers procured a comprehensive list of the department’s email addresses.
The breach’s origin was a compromised device of a Microsoft engineer, which granted them access to the State Department’s emails. This incident has spotlighted Microsoft’s significant role in offering IT solutions to the US government, prompting the State Department to enhance security measures, including a shift towards a “hybrid” IT environment and broader implementation of multi-factor authentication.
Senator Eric Schmitt, for whom the staffer works, emphasized the necessity to bolster cyber defenses and evaluate the potential vulnerabilities of depending on a sole vendor. In a statement, Senator Schmitt said, “We need to harden our defenses against these types of cyberattacks and intrusions. We need to take a hard look at the federal government’s reliance on a single vendor as a potential weak point.”
While Microsoft, facing scrutiny over its security protocols, has identified the hackers as “Storm-0558,” both the company and the State Department have yet to offer further comments on the matter.