There were reports up this morning that Chinese hackers have breached a bunch of organizations and government agencies, but the update this afternoon is that the hack included the email of Commerce Secretary Gina Raimondo.

Chinese cyberspies, exploiting a fundamental gap in Microsoft’s cloud, hacked email accounts at the Commerce and State Departments, including that of Commerce Secretary Gina Raimondo — whose agency has imposed stiff export controls on Chinese technologies that Beijing has denounced as a malicious attempt to suppress its companies…

The Microsoft vulnerability was discovered last month by the State Department. Also targeted were the email accounts of a congressional staffer, a U.S. human rights advocate and U.S. think tanks, officials and security professionals said…

A senior FBI official said that no classified information was taken and that there was no evidence that the hackers got anywhere except the inboxes. He said the government was not yet attributing the attack to any country or group but would seek to “impose costs” on the adversary.

The NY Times adds that the hackers seem to have been going for Sec. Blinken’s inbox as well but it seems they failed:

The hackers were not able to acquire emails in Mr. Blinken’s Microsoft 365 account, even as they got access to other State Department email boxes, officials said.

Multiple officials said the attack was aimed at individual email accounts, rather than a large-scale exfiltration of data, which Chinese hackers are suspected of having done before. Biden administration officials declined to give a full accounting of which officials had been targeted by the hackers.

The Post reports that the hackers used a “consumer signing key” to access the accounts. They gained access on May 15 and were discovered on June 16. The key they used could only be created using an even more powerful key which is kept secret at Microsoft. So now Microsoft is looking into how Chinese hackers got hold of it. The fact that they don’t know seems worrisome.

Earlier reports emphasized the hack of the State Department which is where suspicious activity was first detected:

The federal agency where the Chinese hackers were first detected was the State Department, a person familiar with the matter told CNN. The State Department then reported the suspicious activity to Microsoft, the person said…

The hackers targeted email accounts at the House of Representatives, but it was unclear who was targeted and if the breach attempts were successful, two sources familiar with the matter told CNN.

The identity of the congressional staffer involved would be interesting to know, or at least the name of who they worked for. So far I don’t see anything revealing who it was.

This is obviously not the first time we’ve been hacked by China. Why does this keep happening? Probably because China puts far more resources into hacking than the US does. Back in April the FBI Director estimated the divide:

“To give you a sense of what we’re up against, if each one of the FBI’s cyber agents and intel analysts focused exclusively on the China threat, Chinese hackers would still outnumber FBI Cyber personnel by at least 50 to 1,” Wray said during a House Appropriations subcommittee meeting, reports CNBC.

China has “a bigger hacking programme than every other major nation combined and has stolen more of our personal and corporate data than all other nations — big or small — combined,” he told the Congress panel.

We are vastly outnumbered by Chinese spies and thieves whose full-time job is to steal from us.