Microsoft Clarifies Chinese Hack of U.S. Officials' Accounts

Microsoft clarified that the Chinese hack of U.S. government officials' accounts resulted from the compromise of an engineer's account within the company. In a blog post published today, Microsoft stated that the engineer's account had been breached by a hacker group dubbed "Storm-0558," which U.S. officials reported had stolen emails from the State and Commerce Departments. The post explained how the attackers managed to extract a cryptographic key from the engineer's account and used it to access email accounts that the key should not have allowed them to reach. Microsoft stated that it has fixed the vulnerabilities that allowed the hackers to access the key from the unnamed engineer's account, enabling them to freely steal emails.