ALBAWABA - Microsoft has disclosed that the Chinese cyber intrusion into the accounts of U.S. government officials resulted from the compromise of one of the company's engineers.
Microsoft stated that the engineer's account had been breached by a hacker group known as "Storm-0558." U.S. officials have indicated that this group was responsible for the theft of email messages from the U.S. Departments of State and Commerce.
The post detailed how the intruders were able to extract an encryption key from the engineer's account and subsequently use it to access email accounts that were not supposed to be accessible to them.
Microsoft also confirmed that it has addressed the vulnerabilities that allowed the intruders to access the encryption key from the engineer's account, though the engineer's identity remains undisclosed. This action has prevented further unauthorized access and theft of email messages.
