Microsoft has disclosed that that a cyberattack by a China-based “nation-state actor” managed to access email hosted on Exchange Online and Outlook.com belonging to about 25 organizations, including government agencies.
Mitigation of the attack is complete, according to a statement from Microsoft, which blamed a threat actor tracked by the company as Storm-0558. That actor, based in China, “primarily targets government agencies in Western Europe and focuses on espionage, data theft, and credential access,” according to the statement, issued Tuesday evening.