Senate Briefing Reveals 60,000 Emails Stolen from Storm-0558 Key Theft

Category: Data Breach | Industry: Government | Source: Reuters

The compromise of at least 25 email accounts, as a result of forging Microsoft authentication tokens in May 2023, is revealed to have caused significant data impact to the US State Department. According to a report by Raphael Satter and Zeba Siddiqui from Reuters, the hackers tracked as Storm-0558 managed to breach Microsoft's email platform, resulting in the theft of tens of thousands of emails from U.S. State Department accounts. A staffer affiliated with Senator Eric Schmitt informed Reuters the "individuals whose accounts were compromised mostly focused on Indo-Pacific diplomacy efforts, and the hackers also obtained a list containing all of the department's emails." The breach affected a total of 10 State Department accounts, with 60,000 emails stolen. Based on information shared by a staffer to Reuters, of the ten compromised accounts, nine dealt with affairs related to East Asia, and the last account focused on Europe.

Earlier this month on September 6th, 2023, Microsoft revealed the incident was associated with the compromise of a Microsoft engineer's corporate account and the accessibility of a Windows crash dump via the engineer's account. The crash dump which had failed to sanitize sensitive data including a signing key was due to a race condition. Microsoft has not provided a response to information presented in the Senate's briefing.