White House says closely following Microsoft email breach by Chinese hackers
Mar 06, 2021
Washington [US], March 6 : The US government said it is closely following the breach of a Microsoft email application reportedly carried out by Chinese hackers, calling it an "active threat" with a "large number" of victims.
"This is a significant vulnerability that could have far-reaching impacts. First and foremost, this is an active threat," The Hille quoted White House Press Secretary Jen Psaki as saying.
Microsoft said earlier this week that the flaw was being used by a Chinese state-sponsored hacking group to target a variety of organizations.
Cybersecurity group FireEye said in a blog post late Thursday night that hackers had been in at least one client's system since January, and that they had gone after "US-based retailers, local governments, a university, and an engineering firm," along with a Southeast Asian government and a Central Asian telecom group.
While Psaki declined to comment Friday on whether any federal agencies were compromised, she urged network operators to "consider if they have already been compromised" and if so to "take appropriate steps."
"Everyone running these servers -- government, private sector, academia -- needs to act now to patch them," Psaki said. "We are concerned there are a large number of victims and we are working with our partners to understand the scope of this. So it's an ongoing process."
"We are still looking closely at what happened and the next steps that need to be taken," Psaki added.
Microsoft alleged earlier this week that the Chinese hacking group known as "Hafnium" was responsible for exploiting the vulnerabilities.
Microsoft noted the group had previously attempted to steal information from infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks, and non-governmental organizations.