At least 30,000 U.S. victims – including small businesses and local governments – have been hacked by a Chinese government-backed cyber espionage unit, Krebs on Security reports.
What is happening: Hackers focused on stealing emails from victimized organizations by exploiting flaws in Microsoft Exchange Server, which is widely used by large corporations and organizations.
The context: Since January, China-backed hackers have used four flaws in Microsoft’s software to take control of organizations’ mail servers around the world.
Microsoft released emergency security updates for the software on March 2, but the Chinese group has quickly escalated attacks on unpatched Exchange servers since the update was released.
Among the American victims are “banks, credit unions, nonprofits, telecommunications providers, utilities and police, fire and rescue units,” according to Krebs on Security, which examined a list of victims.
The big picture: The attack follows the major breach of SolarWinds by Russian-backed hackers, which became public in December 2020, and will likely increase pressure on government and the private sector to step up cybersecurity measures.
The new breach is unrelated to SolarWinds, but it “may well end up eclipsing by far the damage done by the SolarWinds intruder,” Krebs said.
What they say: The Biden administration has warned victims of the attack in recent days.
Jen Psaki, White House press secretary, said on Friday that the Microsoft breach “is a significant vulnerability that could have far-reaching impacts.”
National Security Advisor Jake Sullivan said in a tweet Thursday that the government “is closely monitoring Microsoft’s emergency fix for unknown vulnerabilities in Exchange Server software and potential compromise reports from US think tanks and defense industry base entities.”