The United States State Department disclosed on Wednesday that a cyber intrusion affected several government systems. The incident follows a recent wave of intrusions attributed to a mix of foreign actors, including a group linked to Russian hackers who breached multiple government agencies in the previous weeks. Reports from major U.S. outlets indicate that Chinese cyber espionage operatives targeted emails belonging to officials at the Ministry of Foreign Affairs and Trade, elevating concerns about foreign influence operations amid ongoing tensions between global powers.
Spokespersons for the administration told CNN that an intrusion into Microsoft’s cloud security, which impacted unclassified government systems, was detected in the prior month. Government teams promptly alerted Microsoft about the breach, and officials cited steps taken to mitigate the risk. The Washington Post notes that Commerce Secretary Gina Raimondo was among those affected, and the investigation is continuing under the supervision of the FBI. Officials emphasized that risk mitigation measures have already been implemented and that efforts remain focused on preventing further exposure.
Microsoft subsequently confirmed that it had addressed an intrusion attributed to a China-based threat actor. A company spokesperson said the government agency responsible for diplomacy confirmed abnormal activity in its systems and has taken urgent, decisive actions. The official statement also stressed ongoing monitoring of the situation and a commitment to rapid response should new activity emerge.
The broader cyberattack activity intensified on June 15, when a notorious hacker group known as CL0P, also called TA505, is reported to have infiltrated several government networks, according to the U.S. Cybersecurity and Infrastructure Security Agency. Initial assessments suggested no coordination with any foreign government, and an official source indicated that the attackers were acting independently rather than as part of a state-sponsored operation. The incident added to concerns about the security of federal networks and the critical infrastructure that relies on them.
Historically, the most significant recent breach of U.S. government networks occurred in 2019, when a SolarWinds supply chain compromise enabled access to thousands of agencies and contractors. That episode underscored the persistent vulnerabilities in government IT ecosystems and the importance of robust cloud security, rigorous access controls, and continuous monitoring. Security experts stress that cyber threats are increasingly multi-vector, combining phishing, cloud vulnerabilities, and supply chain weaknesses to reach sensitive data.