Microsoft Says Chinese Hackers Used Flaw in Company’s Code to Steal Emails From US Agencies

Microsoft's blog post did not explain how the hackers got their hands on one of the company's digital keys.

Advertisement
By Reuters | Updated: 17 July 2023 17:49 IST
Highlights
  • Microsoft said Chinese hackers misappropriated one of its digital keys
  • Beijing has denied any involvement in the spying
  • The breach has thrown Microsoft's security practices under scrutiny

The Microsoft hack has rattled both the cybersecurity industry and China-US relations

Photo Credit: Reuters

Microsoft said on Friday that Chinese hackers misappropriated one of its digital keys and used a flaw in the company's code to steal emails from US government agencies and other clients.

The company said in a blog post that the hackers were able to use the key - which they acquired under undisclosed circumstances - and take advantage of "a validation error in Microsoft code" to carry out their cyberespionage campaign.

The blog provided the most fulsome explanation yet for a hack that rattled both the cybersecurity industry and China-US relations. Beijing has denied any involvement in the spying.

Advertisement

Microsoft and US officials said on Wednesday night that Chinese state-linked hackers had been secretly since May accessing email accounts at around 25 organizations. US officials said those included at least two government agencies: the State and Commerce Departments.

Advertisement

Secretary of State Antony Blinken told China's top diplomat, Wang Yi, in a meeting in Jakarta on Thursday that any action that targets the US government, US companies or American citizens "is of deep concern to us, and that we will take appropriate action to hold those responsible accountable," according to a senior State Department official.

Microsoft's blog post did not explain how the hackers got their hands on one of the company's digital keys, leading some experts to speculate that Microsoft itself had been hacked ahead of the thefts.

Advertisement

The company did not immediately respond to questions about the key.

The breach has thrown Microsoft's security practices under scrutiny, with officials and lawmakers calling on the Redmond, Washington-based company to make its top level of digital auditing, also called logging, available to all its customers free of charge.

Advertisement

Microsoft said in a statement late on Thursday that it was taking the criticism on board.

"We are evaluating feedback and are open to other models," the company said, adding that it was "actively engaged" with US officials on the matter.

© Thomson Reuters 2023

Will the Nothing Phone 2 serve as the successor to the Phone 1, or will the two co-exist? We discuss the company's recently launched handset and more on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

Catch the latest from the Consumer Electronics Show on Gadgets 360, at our CES 2026 hub.

Further reading: Microsoft, China, US, Cybersecurity
Financial Stability Board Shares India's Vision to Frame Global Rules for Crypto
Advertisement

Related Stories

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. These Smartphones Will Be Discounted During Flipkart Republic Day Sale
  2. OnePlus Freedom Sale Slashes Prices of Phones, Tablets, and More Products
  3. Vivo X200T Confirmed to Launch in India Soon: See Expected Specs
  4. Nothing Will Open Its First Flagship Store in India Soon
  5. Here's When Honor Magic 8 RSR Porsche Design Will Launch in China
  6. Vivo Y500i With a 7,200mAh Battery, 50-Megapixel Camera Launched
  7. iPhone 17 Pro, iPhone Air Will Go Sale at These Prices During Amazon's Sale
  8. ISRO's PSLV Suffers Second Failure as Third-Stage Glitch Sends Rocket Off Course
#Latest Stories
  1. ISRO’s PSLV Suffers Second Failure as Third-Stage Glitch Sends Rocket Off Course
  2. NASA Confirms First Medical Evacuation in ISS’s 25-Year History
  3. Space Forge Tests World’s First Commercial Semiconductor Factory in Space
  4. 83rd Golden Globe Awards Full List of Winners: Hamnet, The Pitt, Adolescence, and More
  5. Kirkkan OTT Release Date: When and Where to Watch This Gripping Crime Investigation Drama Online?
  6. Mana Shankara Vara Prasad Garu OTT Release Date Reportedly Leaked Online
  7. Forza Horizon 5 Is Said to Have Sold Over 5 Million Copies on PS5
  8. Realme Neo 8 Display Details Teased; TENAA Listing Reveals Key Specifications
  9. iPhone 17 Pro, iPhone 17 Pro Max, iPhone Air Discounts Revealed Ahead of Amazon Great Republic Day Sale 2026
  10. Google’s AI Overviews Giving Incorrect Medical Advice as OpenAI, Anthropic Push for Healthcare: Report
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.