China-based hackers have breached email accounts at two-dozen organizations, including some United States government agencies, in an apparent spying campaign aimed at acquiring sensitive information, according to statements from Microsoft and the White House late Tuesday.
The full scope of the hack is being investigated, but US officials and Microsoft have been quietly scrambling in recent weeks to assess the impact of the hack and contain the fallout.
“Last month, US government safeguards identified an intrusion in Microsoft’s cloud security, which affected unclassified systems,” National Security Council spokesperson Adam Hodge said in a statement to CNN.
“Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” Hodge said. “We continue to hold the procurement providers of the US Government to a high security threshold.”
Hodge did not identify who was behind the hack, but Microsoft executives said in a blog post that the hackers were based in China and focused on espionage.
There is still an “ongoing, active investigation” in the US government to understand the full scope of the hack, a source familiar with the matter told CNN.
US officials have consistently labeled China as the most advanced of US adversaries in cyberspace. The FBI has said Beijing has a larger hacking program than all other governments combined.
China has routinely denied the allegations. The Chinese Embassy in Washington, D.C., did not immediately respond to a request for comment early Wednesday on the Microsoft findings.
The hacking began in mid-May, when the China-based hackers used a stolen sign-in key to burrow their way into email accounts, according to Microsoft. The tech giant has since blocked the hackers from accessing customer emails using that technique, Microsoft said late Tuesday.