Microsoft has told in one of its blog posts that 25 accounts of various agencies were targeted by Chinese hackers, including America as well as Europe. Not only this, attempts were also made to access the accounts of customers associated with these organisations. The alias of the hacking group has been described as Storm-0558, which is a group related to China.
The Microsoft report further suggests that the main purpose of Storm-0558 was espionage, data theft and access to credentials. The group has previously targeted government agencies based in Western Europe.
Microsoft was first notified of the intrusion on June 16. According to the company’s blog post, a Chinese hacking group accessed the email account on May 15. However, Microsoft has not disclosed the number of accounts that may have been affected by these hackers.
According to the report, the hackers took advantage of a security loophole in Microsoft’s cloud-computing system, which has now been fixed. The hackers managed to infiltrate accounts that used Microsoft’s Outlook email service. These accounts used to generate authentication tokens, which gave hackers an opportunity to impersonate users.
There is a possibility that the Chinese hacking group was either affiliated with or working for Beijing’s intelligence service. In a recent blog post, Charlie Bell, executive vice president of Microsoft, said that the group’s main job is espionage, and to do so they access email systems to gather intelligence.