Chinese Hackers Breach Microsoft and Access Emails of State Department Employees and Rep. Don Bacon
In a shocking revelation, it has been reported that suspected Chinese hackers who manipulated Microsoft customer identities have also gained unauthorized access to the personal and political emails of Rep. Don Bacon, a moderate Republican from Nebraska who serves on the House Armed Services Committee. The hacking incident is believed to have taken place between mid-May and mid-June, aligning with the timeframe of previously identified breaches.
Rep. Bacon took to Twitter on Monday to confirm the breach, stating that he had been notified by the FBI about the Chinese spies hacking into his emails. Bacon further mentioned that the hackers capitalized on a mistake made by Microsoft, which allowed them to exploit the vulnerability for a month. He also expressed his determination to ensure that the United States fulfills its commitments to Taiwan, stating, “I’m a big proponent for Taiwan. I suspect they’d like info to embarrass me or to undercut me politically. As I told FBI, I have nothing to be embarrassed about.”
The compromised email accounts of Rep. Don Bacon add to the list of victims targeted by these Chinese hackers. The government and private sources had previously revealed that Commerce Secretary Gina Raimondo, State Department employees, a human rights advocate, think tanks, and even a congressional staffer had fallen victim to the cyber-espionage campaign.
Bacon’s late notification of the breach suggests that there may still be unidentified victims emerging from this incident. However, both the FBI and Microsoft have remained silent on the matter, declining to comment.
While officials have characterized this hacking campaign as traditional espionage, the incident has raised concerns among experts regarding the role of Microsoft’s cloud, email, and authentication services. It remains unclear how the government could have prevented such a breach while relying solely on Microsoft’s services.
Microsoft has acknowledged that the hackers acquired powerful signing keys, enabling them to create verified customer identities and bypass multifactor authentication. Coupled with other vulnerabilities in Microsoft’s systems, millions of individuals may have been exposed to potential attacks.
It was only after the State Department detected suspicious activity in its logs that Microsoft was able to pinpoint the master key that the hackers had obtained and subsequently block any future unauthorized access.
Following this breach, several members of Congress have demanded explanations from federal agencies regarding their plans to counter similar attacks in the future. Additionally, they have called on Microsoft to make its logs more widely available, a request that the technology giant has reportedly agreed to accommodate.
Sen. Ron Wyden (D-Ore.) has gone a step further by requesting the Justice Department and Federal Trade Commission to investigate whether Microsoft’s security practices violated any laws or its FTC consent decree, which required improved security measures in the aftermath of a previous breach involving its authentication tool, Passport.
Furthermore, Sen. Wyden has urged the Department of Homeland Security to involve its Cyber Safety Review Board, which was established two years ago, in examining the Microsoft cloud breach. Last week, the board confirmed their intention to undertake this task.
The Department of Homeland Security has redirected inquiries regarding the breach to the FBI.
The revelations of this widespread hacking incident continue to send shockwaves through government and cybersecurity circles. As investigations unfold, experts remain focused on understanding the full extent of the compromise and the actions necessary to prevent such breaches in the future.