A vulnerability discovered in Microsoft Exchange Server made it possible to hack the e-mail boxes of more than 30 thousand government and commercial organizations in the United States and hundreds of thousands around the world. This was reported by Wired magazine and investigative journalist Brian Krebs. The volume of leaked data has not been disclosed.
The researchers support the version that the hack was carried out by Hafnium, a group of Chinese hackers, but their statement does not claim that the group is sponsored by the Chinese government. The hack supposedly lasted for about two months, starting on January 6 and ending on March 2, when Microsoft released a security update.
The attack affected thousands of different government and commercial organizations, including police, fire departments, financial institutions and educational institutions. No theft of specific data has been reported, but experts say that the hackers installed malware on the organizations' servers that is designed to facilitate further hacking.
“This is a massive hack. Absolutely massive. We’re talking about thousands of compromised servers around the world,” a former employee of the National Security Agency, familiar with the course of the investigation, said in a conversation with Wired.
The researchers argue that detecting the hackers' software and cleaning it from servers will require significant effort from organizations. The president of the cybersecurity company Volexity also clarified that if companies use an old version of Exchange Server, it is very likely that they have already been hacked.
The official list of affected organizations has not yet been disclosed, which makes it impossible to assess the scale of the attack. Despite this, White House national security adviser Jake Sullivan said that the authorities are monitoring the situation and the implementation of the necessary defensive fixes.
A Microsoft spokesperson has already noted that the company is working closely with the Cybersecurity and Infrastructure Security Agency (CISA) and other government agencies to provide customers with the best advice and mitigation measures.
This is the second major attack carried out through the products of American IT companies. In December 2020, the hacking of SolarWinds clients became known. More than 18 organizations were allegedly affected by the attack. Among them are 100 different organizations and 9 US federal agencies.