Microsoft Says Chinese Hackers Used Flaw in Company’s Code to Steal Emails From US Agencies

Microsoft's blog post did not explain how the hackers got their hands on one of the company's digital keys.

Advertisement
By Reuters | Updated: 17 July 2023 17:49 IST
Highlights
  • Microsoft said Chinese hackers misappropriated one of its digital keys
  • Beijing has denied any involvement in the spying
  • The breach has thrown Microsoft's security practices under scrutiny

The Microsoft hack has rattled both the cybersecurity industry and China-US relations

Photo Credit: Reuters

Microsoft said on Friday that Chinese hackers misappropriated one of its digital keys and used a flaw in the company's code to steal emails from US government agencies and other clients.

The company said in a blog post that the hackers were able to use the key - which they acquired under undisclosed circumstances - and take advantage of "a validation error in Microsoft code" to carry out their cyberespionage campaign.

The blog provided the most fulsome explanation yet for a hack that rattled both the cybersecurity industry and China-US relations. Beijing has denied any involvement in the spying.

Advertisement

Microsoft and US officials said on Wednesday night that Chinese state-linked hackers had been secretly since May accessing email accounts at around 25 organizations. US officials said those included at least two government agencies: the State and Commerce Departments.

Advertisement

Secretary of State Antony Blinken told China's top diplomat, Wang Yi, in a meeting in Jakarta on Thursday that any action that targets the US government, US companies or American citizens "is of deep concern to us, and that we will take appropriate action to hold those responsible accountable," according to a senior State Department official.

Microsoft's blog post did not explain how the hackers got their hands on one of the company's digital keys, leading some experts to speculate that Microsoft itself had been hacked ahead of the thefts.

Advertisement

The company did not immediately respond to questions about the key.

The breach has thrown Microsoft's security practices under scrutiny, with officials and lawmakers calling on the Redmond, Washington-based company to make its top level of digital auditing, also called logging, available to all its customers free of charge.

Advertisement

Microsoft said in a statement late on Thursday that it was taking the criticism on board.

"We are evaluating feedback and are open to other models," the company said, adding that it was "actively engaged" with US officials on the matter.

© Thomson Reuters 2023

Will the Nothing Phone 2 serve as the successor to the Phone 1, or will the two co-exist? We discuss the company's recently launched handset and more on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Microsoft, China, US, Cybersecurity
Financial Stability Board Shares India's Vision to Frame Global Rules for Crypto
Advertisement

Related Stories

Microsoft Partners With Cognizant, Infosys, TCS and Wipro Over Agentic AI Adoption in India
11 December 2025
Activision Working on 'Next Era' of Call of Duty, Won't Do Back-to-Back Black Ops, Modern Warfare Releases
10 December 2025
Microsoft to Invest $17.5 Billion to Scale India’s AI and Cloud, Joins Google and OpenAI’s Recent Push
9 December 2025
How to Delete History on Google Chrome, Firefox, Other Browsers: A Step-by-Step Guide
8 December 2025
CERT-In Warns Chrome, Edge Users of ‘High’ Risk Vulnerabilities on Windows, macOS, and Linux
8 December 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Xiaomi's HyperOS 3 Update Is Rolling Out to These Phones, Tablets
  2. OnePlus 15R, OnePlus 15R Ace Edition Launch Today: All You Need to Know
  3. Moto G Power (2026) Launched With MediaTek Dimensity 6300 SoC: Details
  4. Xiaomi 17 Ultra Surfaces on Regulatory Websites, Might Launch Soon
  5. iOS 26.3 May Make It Easier to Switch to an Android Phone
  6. Realme 16 Pro to Launch With Urban Wild Design in These Four Colourways
  7. Nothing Phone 3a Lite Review: The Best Mid-Range Design
  8. Realme Narzo 90 Series With 7,000mAh Battery Launched in India: See Pricing
  9. Samsung Galaxy A07 5G Visits Geekbench With This Chipset
  10. Dhruv64: India's First Homegrown 64-Bit Dual-Core Microprocessor Unveiled
#Latest Stories
  1. OnePlus Community Sale: OnePlus 15, Nord CE 5, and Wireless Audio Devices Available at Discounted Prices
  2. Xiaomi 17 Ultra Reportedly Listed on US FCC and IMEI Databases, Hinting at Imminent Global Debut
  3. Moto G Power (2026) Launched With MediaTek Dimensity 6300 SoC, 5200mAh Battery: Price, Specifications
  4. OnePlus 15R, OnePlus 15R Ace Edition Launching Today: Know Price in India, Features, Specs and More
  5. Astronomers Witness Longest-Lasting Gamma-Ray Burst in History, 8 Billion Light-Years Away
  6. Sub-Millimeter Robots Can Sense, Think, and Act Autonomously, New Study Finds
  7. Earth’s Atmosphere Has Been Leaking Onto the Moon for Billions of Years, Study Finds
  8. New Orbital Clues Reveal How Hot Jupiters Moved Close to Their Stars
  9. Heartiley Battery Out on OTT: Know Where to Watch This Tamil Sci-Fi Series Online
  10. Raat Akeli Hai: The Bansal Murders OTT Release Date: When and Where to Watch it Online?
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.