Email from Biden’s Commerce Secretary HACKED by Chinese spies: Cyber espionage campaign exploited hole to get into Gina Raimondo’s Microsoft cloud account
- Chinese cyberspies hacked Commerce Secretary Gina Raimondo’s email
- The hackers had access for about a month before they were discovered and shut down
- At least nine US governments and organizations have been targeted by the attack
An FBI investigation is underway after Commerce Secretary Gina Raimondo’s email was hacked by Chinese cyberspies.
US officials say Raimondo is the only cabinet-level official whose account was compromised in the attack. according to The Washington Post – but also a congressional staffer, a human rights lawyer and a think tank were targeted.
The State Department discovered a vulnerability in Microsoft’s cloud last month. The only two executive agencies known to have breached emails are the Departments of Commerce and State.
The targeted cyber espionage campaign has been toned down. But not before the hackers had access to the email accounts for about a month before shutting them down.
Nine U.S. organizations fell victim to the cyberattack, with some email accounts compromised at each entity, a senior Homeland Security official said.
Chinese cyberspies hacked Commerce Secretary Gina Raimondo’s email — and had access for about a month before being discovered and shut down
Microsoft says a total of 25 organizations have been hacked worldwide.
“U.S. government security audits identified a Microsoft cloud security breach affecting unclassified systems,” National Security Council spokesman Adam Hodges told the Post.
“Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” he added. “We continue to hold US government procurement providers to a high safety threshold.”
The hack’s discovery coincided with Foreign Minister Antony Blinken’s trip to Beijing last month.
Beijing has openly criticized Raimondo’s trade department for imposing harsh export controls on Chinese companies, which the CCP says is a vicious suppression tactic.
There is an FBI investigation into the matter.
A person familiar with the matter said it does not appear that email accounts belonging to the Pentagon, intelligence agencies or military officials were affected.
Microsoft said late Tuesday it had mitigated an espionage and data theft attack by a “China-based threat actor” targeting government agencies in Western Europe.