Last month, Microsoft said Chinese state-backed hacking groups had exploited vulnerabilities in its SharePoint file sharing software.
China accused the US of exploiting a flaw in Microsoft Corp.’s email servers to steal military data and launch cyberattacks on its defense sector.
The Cyber Security Association of China said in a statement Friday that US actors had been linked to two major cyberattacks on Chinese military companies without naming them. They exploited flaws in Microsoft Exchange to control the servers of a key company in the defense sector for nearly a year, it added. The association is a little-known entity backed by the powerful Cyberspace Administration of China.
The Redmond, Washington-based company has repeatedly blamed China for major cyberattacks involving Microsoft Exchange. In 2021, an alleged Chinese operation compromised tens of thousands of Microsoft Exchange servers. In 2023, another alleged Chinese attack on Microsoft Exchange compromised senior US officials’ email accounts. A US government review later accused Microsoft of a “cascade of security failures” over the 2023 incident.
Last month, Microsoft said Chinese state-backed hacking groups had exploited vulnerabilities in its SharePoint file sharing software.
Hackers breached about 400 government agencies, corporations and other groups around the world, although the number could be a lot higher, according to Eye Security, the cybersecurity company that identified an early wave of attacks last month.
Most of the victims are in the US, followed by Mauritius, Jordan, South Africa and the Netherlands, it added. Microsoft warned last month that hackers were actively targeting customers who manage SharePoint on their own networks, as opposed to being hosted and managed on the cloud.
More stories like this are available on bloomberg.com
Published on August 1, 2025