U.S. ambassador to China Nicholas Burns was among those hacked in a cyber-espionage operation linked to Beijing, Fox News has confirmed.
The alleged spying operation, first disclosed last week, is believed to have compromised hundreds of thousands of U.S. government emails.
Burns and Daniel Kritenbrink, the Assistant Secretary of State for East Asia, are believed to be the two most senior State Department officials targeted. Commerce Secretary Gina Raimondo was also among those targeted, U.S. officials told The Washington Post.
"The Department of State detected anomalous activity, took immediate steps to secure our systems, and will continue to closely monitor and quickly respond to any further activity," a State Department spokesperson said.
"As a matter of cybersecurity policy, we do not discuss details of our response and the incident remains under investigation. The Department of State has a robust cyber security program to protect our systems and information and works continuously to build resilience and stay ahead of malicious actors. We continuously monitor our networks and update our security procedures."
Burns and Kritenbrink’s inclusion in the attack was first reported by The Wall Street Journal.
BIDEN ADMIN VOWS TO HOLD CHINESE HACKERS RESPONSIBLE AFTER GOVERNMENT EMAIL BREACH
Though the full scope of the attack is not known, the planning and execution appeared to have ramped up in anticipation of a string of U.S. visits to China – including Secretary of State Anthony Blinken – aimed at quelling tensions between the two nations.
The hackers were able to pull off the attack thanks to a flaw in Microsoft's cloud-based security. The surgical, targeted espionage was discovered in mid-June by the State Department. They said none of the breached systems were classified, nor was any of the stolen data.
One person familiar with the investigation said U.S. military and intelligence agencies were not among the agencies impacted in the monthlong spying campaign, which also affected unnamed foreign governments.
Officials did not specify the nature of the stolen data. But one U.S. official said the intrusion was "directly targeted" at diplomats and others who deal with the China portfolio at the State Department and other agencies. The official added that it was not yet clear if there had been any significant compromise of information.
Blinken’s trip to China went ahead as planned, although with customary information security procedures in place, which required his delegation to use "burner" phones and computers in China.
Microsoft said it was alerted to the breach, which it blamed on a state-backed, espionage-focused Chinese hacking group "known to target government agencies in Western Europe," on June 16. Microsoft said the group, which it calls Storm-0558, had gained access to email accounts affecting about 25 organizations, including government agencies, since mid-May as well as to consumer accounts of individuals likely associated with those agencies.
The Associated Press contributed to this report.