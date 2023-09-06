A recent Chinese hack targeting senior officials at the U.S. State and Commerce departments has been traced back to the compromise of a Microsoft engineer’s corporate account, according to a blog post by Microsoft Corp. The hacking group, known as Storm-0558, is alleged to have stolen hundreds of thousands of emails from top American officials, including Commerce Secretary Gina Raimondo, U.S. Ambassador to China Nicholas Burns, and Assistant Secretary of State for East Asia Daniel Kritenbrink.

Microsoft’s blog post addressed unanswered questions about the incident, which has called into question the company’s security practices and prompted calls for an investigation. It provided an explanation of how the hackers were able to extract a cryptographic key from the engineer’s account and use it to access email accounts that they should not have had access to. The post also mentioned that the flaws that allowed the key to be accessible from the engineer’s account have been fixed.

Although Microsoft confirmed that the engineer’s account was compromised using “token-stealing malware,” further details about the incident and its timing were not provided. The Chinese Embassy in Washington has not commented on the matter.

The Chinese government has previously dismissed allegations of stealing emails from top U.S. officials as “groundless narratives.” However, this recent disclosure highlights the continued risks associated with cyberattacks and the need for robust security measures to protect sensitive information.

– Raphael Satter, Thomson Reuters

*The source article has been paraphrased and summarized to meet the word count requirement and provide a clear understanding of the main points.