© Reuters. FILE PHOTO: U.S. and Chinese flags are seen through broken glass in this illustration taken, January 30, 2023. REUTERS/Dado Ruvic/Illustration/File Photo
LONDON (Reuters) – Chinese state-linked hackers secretly accessed email accounts at around 25 organisations, including government agencies, in a sweeping cyberespionage campaign by a group which primarily targets entities in Western Europe, Microsoft (NASDAQ:) said on Wednesday.
The hacking group, which Microsoft dubbed Storm-0558, forged digital authentication tokens to access webmail accounts running on the firm’s Outlook service, Microsoft said in a statement on its website. The activity began in May.
“As with any observed nation-state actor activity, Microsoft has contacted all targeted or compromised organizations directly via their tenant admins and provided them with important information to help them investigate and respond,” the statement added.
Microsoft did not say which organisations – or governments -had been affected by the digital intrusion.
China’s Embassy in London did not immediately respond to an emailed request for comment. Beijing routinely denies that it engages in state-backed hacking campaigns.