The Chinese hackers who breached senior US officials’ emails in May and June were able to do so by first stealing sensitive data from a Microsoft engineer, the company revealed Wednesday.

Multiple mishaps, including the crash of an internal Microsoft system in April 2021 and the hack of the engineer, gave the Chinese hackers coveted access to a cryptographic key that was later used to break into the US officials’ email accounts, the tech giant said in a blog post.

The statement sheds new light on a cyber-espionage campaign that has caused a furor in Washington. The hackers had breached the email accounts of US Ambassador to China Nicholas Burns and Commerce Secretary Gina Raimondo, in advance of Raimondo’s trip to China.

  • pimento64
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago

    “Microsoft: whether by accident or design, spyware is guaranteed”