London Daily

Focus on the big picture.
Thursday, Oct 09, 2025

At least 30,000 US organizations, small businesses and government offices were victims of Microsoft Exchange hack

At least 30,000 US organizations, small businesses and government offices were victims of Microsoft Exchange hack

A purported Chinese hacking group exploited bugs in Microsoft's email software system to steal data from US organizations and agencies.
At least 30,0000 organizations across the US have been hacked over the last few days through flaws in Microsoft's Exchange server email software, sources familiar with the matter told KrebsOnSecurity.

The "unusually aggressive Chinese cyber espionage unit" that Microsoft calls "Hafnium" is focusing on stealing emails from a range of victims, including companies, small businesses, and local governments, Krebs said.

The group exploited four flaws in Microsoft's Exchange servers. The bugs gave attackers full remote control over the affected systems.

With each hacking incident, the group left behind a hacking tool called "web shell" that is protected by an easy password and could be accessed from any internet browser, the cybersecurity blog said. This tool allowed hackers to have administrative access to computer servers.

Microsoft released a security update this week to patch Exchange versions from 2013 to 2019. Microsoft recommended users immediately install updates to the Exchange product, which is primarily used by business customers. The company also said that it informed appropriate US government agencies about the breach.

Microsoft said the email system is used by organizations including companies, infectious disease researchers, defense contractors, law firms, NGOs, and universities.

The purported Chinese hacking group is responsible for seizing control over hundreds of thousands of Microsoft Exchange servers worldwide, two anonymous cybersecurity experts told KrebsOnSecurity.

Chinese Foreign Ministry spokesman Wang Wenbin responded to Microsoft's accusations in a Wednesday press briefing, saying there was not enough evidence to draw a conclusion on the Exchange hack's origins, according to Bloomberg.

This is the eighth time in the last 12 months that Microsoft has publicly reported state-sponsored hacks.

White House Press Secretary Jen Psaki said in a press briefing on Friday that the weaknesses found in Microsoft's Exchange Servers were "significant."

"We're concerned that there are a large number of victims," she added.

The Prague municipality and the Czech Ministry for Labor and Social Affairs were impacted by the Hafnium server breach, according to Reuters who cited a European cyber official briefed on the issue.
Newsletter

Related Articles

0:00
0:00
Close
French Political Turmoil Elevates Marine Le Pen as Rassemblement National Poised for Power
China Unveils Sweeping Rare Earth Export Controls to Shield ‘National Security’
The Davos Set in Decline: Why the World Economic Forum’s Power Must Be Challenged
France: Less Than a Month After His Appointment, the New French Prime Minister Resigns
Hungarian Prime Minister Viktor Orbán stated that Hungary will not adopt the euro because the European Union is falling apart.
Sarah Mullally Becomes First Woman Appointed Archbishop of Canterbury
Mayor in western Germany in intensive care after stabbing
Australian government pays Deloitte nearly half a million dollars for a report built on fabricated quotes, fake citations, and AI-generated nonsense.
US Prosecutors Gained Legal Approval to Hack Telegram Servers
Macron Faces Intensifying Pressure to Resign or Trigger New Elections Amid France’s Political Turmoil
Standard Chartered Names Roberto Hoornweg as Sole Head of Corporate & Investment Banking
UK Asylum Housing Firm Faces Backlash Over £187 Million Profits and Poor Living Conditions
UK Police Crack Major Gang in Smuggling of up to 40,000 Stolen Phones to China
BYD’s UK Sales Soar Nearly Nine-Fold, Making Britain Its Biggest Market Outside China
Trump Proposes Farm Bailout from Tariff Revenues Amid Backlash from Other Industries
FIFA Accuses Malaysia of Forging Citizenship Documents, Suspends Seven Footballers
Latvia to Bar Tourist and Occasional Buses to Russia and Belarus Until 2026
A Dollar Coin Featuring Trump’s Portrait Expected to Be Issued Next Year
Australia Orders X to Block Murder Videos, Citing Online Safety and Public Exposure
Three Scientists Awarded Nobel Prize in Medicine for Discovery of Immune Self-Tolerance Mechanism
OpenAI and AMD Forge Landmark AI-Chip Alliance with Equity Option
Munich Airport Reopens After Second Drone Shutdown
France Names New Government Amid Political Crisis
Trump Stands Firm in Shutdown Showdown and Declares War on Drug Cartels — Turning Crisis into Opportunity
Surge of U.S. Billionaires Transforms London’s Peninsula Apartments into Ultra-Luxury Stronghold
Pro Europe and Anti-War Babiš Poised to Return to Power After Czech Parliamentary Vote
Jeff Bezos Calls AI Surge a ‘Good’ Bubble, Urges Focus on Lasting Innovation
Japan’s Ruling Party Chooses Sanae Takaichi, Clearing Path to First Female Prime Minister
Sean ‘Diddy’ Combs Sentenced to Fifty Months in Prison Following Prostitution Conviction
Taylor Swift’s ‘Showgirl’ Launch Extends Billion-Dollar Empire
Trump Administration Launches “TrumpRx” Plan to Enable Direct Drug Sales at Deep Discounts
Trump Announces Intention to Impose 100 Percent Tariff on Foreign-Made Films
Altman Says GPT-5 Already Outpaces Him, Warns AI Could Automate 40% of Work
Singapore and Hong Kong Vie to Dominate Asia’s Rising Gold Trade
Trump Organization Teams with Saudi Developer on $1 Billion Trump Plaza in Jeddah
Manhattan Sees Surge in Office-to-Housing Conversions, Highest Since 2008
Switzerland and U.S. Issue Joint Assurance Against Currency Manipulation
Electronic Arts to Be Taken Private in Historic $55 Billion Buyout
Thomas Jacob Sanford Named as Suspect in Deadly Michigan Church Shooting and Arson
Russian Research Vessel 'Yantar' Tracked Mapping Europe’s Subsea Cables, Raising Security Alarms
New York Man Arrested After On-Air Confession to 2017 Parents’ Murders
U.S. Defense Chief Orders Sudden Summit of Hundreds of Generals and Admirals
Global Cruise Industry Posts Dramatic Comeback with 34.6 Million Passengers in 2024
Trump Claims FBI Planted 274 Agents at Capitol Riot, Citing Unverified Reports
India: Internet Suspended in Bareilly Amid Communal Clashes Between Muslims and Hindus
Supreme Court Extends Freeze on Nearly $5 Billion in U.S. Foreign Aid at Trump’s Request
Archaeologists Recover Statues and Temples from 2,000-Year-Old Sunken City off Alexandria
China Deploys 2,000 Workers to Spain to Build Major EV Battery Factory, Raising European Dependence
Speed Takes Over: How Drive-Through Coffee Chains Are Rewriting U.S. Coffee Culture
U.S. Demands Brussels Scrutinize Digital Rules to Prevent Bias Against American Tech
×