US State Department Alerts Microsoft of Cloud Email Hacking Incident Last Month

Microsoft was alerted to the recent campaign conducted by the Chinese threat actor Storm-0558 by the US State Department, which claimed that its emails were accessed. Storm-0558 targeted more than two dozen email accounts belonging to various Western organizations, including government firms. The attack involved the use of forged authentication tokens to access Outlook Web Access in Exchange Online (OWA) and Outlook.com.