Microsoft — Data Breach

criticalAnti-PrivacyJun 5, 2023 → Jul 12, 2023Data Breach

Executive Summary

Microsoft disclosed that a China-based threat actor, Storm-0558, used forged authentication tokens to breach email accounts at approximately 25 organizations including the US State Department and Commerce Department starting in May 2023. The attackers exploited a stolen Microsoft account signing key to forge tokens for Outlook Web Access. A DHS review later found a 'cascade of errors' in Microsoft's security practices that enabled the breach.

Post LinkedIn Reddit Email

data-breach surveillance

Sources

Microsoft Security Blog: Analysis of Storm-0558 techniques for unauthorized email access
NPR: Microsoft says Chinese hackers breached email, including U.S. government agencies