Chinese hack of US officials due to compromise of Microsoft engineer’s account, Microsoft says

The recently disclosed Chinese hack of senior officials at the U.S. State and Commerce Departments stemmed from the compromise of a Microsoft engineer’s corporate account, Microsoft Corp MSFT.O said in a blog post on Wednesday.

Microsoft said the engineer’s account had been penetrated by a hacking group it dubs Storm-0558, which is alleged to have stolen hundreds of thousands of emails from top American officials including Commerce Secretary Gina Raimondo, U.S. Ambassador to China Nicholas Burns and Assistant Secretary of State for East Asia Daniel Kritenbrink.

The blog post issued on Wednesday addressed some of the unanswered questions around the incident, which drew fresh scrutiny to Microsoft’s security and led to calls to investigate the company’s practices.

Notably, the post explained how hackers were able to extract a cryptographic key from the engineer’s account and use it to access email accounts that the key should not have given them access to.

Microsoft said it had fixed the flaws that led to the key being accessible from the unidentified engineer’s account and giving the hackers such wide latitude to steal emails.

Microsoft did not immediately respond to a request for further information about the incident. The Chinese Embassy in Washington did not immediately return an email. Beijing has previously described the allegation that it stole emails from top U.S. officials as “groundless narratives.”