Chinese state-linked hackers who breached Microsoft systems also hacked into the emails of Rep. Don Bacon (R-Neb.), the congressman said on Aug. 14.
Between May 15 to June 16, Chinese spies hacked into the lawmaker’s personal and campaign emails, using a vulnerability in the Microsoft software, Mr. Bacon wrote on X, the social media platform formerly known as Twitter.
“This was not due to ‘user error,’” he wrote, adding that there were other victims in the hacking operation. “The Communist government in China are not our friends and are very active in conducting cyber espionage.”
A spokesperson for Mr. Bacon’s office told The Epoch Times they first learned about the hack through an FBI call on Monday. It’s unclear if any other members of Congress were targeted. The FBI said it has no comment on the issue.
On June 16, the same day Microsoft began an investigation into the cyberattack, the Microsoft Network (MSN) also alerted Mr. Bacon that his account “may have been compromised or hacked” and requested him to change the password, the spokesperson said. The lawmaker did so but didn’t think of the issue further.
What information the Chinese hackers were after remains uncertain. The spokesperson suggests that Mr. Bacon’s vocal support for Taiwan may have drawn Beijing’s attention.
The democratic self-ruled island is currently waiting for $19 billion in weapon purchases from the United States to defend itself from a possible invasion by China’s communist regime.
Mr. Bacon, who serves on the House Armed Services Committee, said he will “work overtime” to ensure Taiwan gets every dollar of the “$19B in weapons backlog they’ve ordered, and more.”
The Microsoft breach has highlighted the vulnerability of relying on a single technology provider such as Microsoft.
The letter described China as the only country with the intent and the power to “reshape the international order.” The incident shows that the Chinese regime is surpassing the “smash and grab heists” to a level “among the most technically sophisticated and stealthy ever discovered,” it added.
In June, Sen. Ron Wyden (D-Ore.), the chair of the Senate Finance Committee, demanded the Justice Department and two civil regulators—the Federal Trade Commission Cybersecurity and Infrastructure Security Agency—to open separate probes into the “ Microsoft’s “negligent cybersecurity practices.”
He also asked the Department of Homeland Security’s Cyber Safety Review Board to look into the hack, which the agency last week agreed to do.
California-based Barracuda Networks, which detected the intrusions into its networks on May 19, said about 5 percent of its active Email Security Gateway appliances worldwide showed signs of potential compromise. The hackers operated on both the organizational and individual account levels, according to Mandiant. They focused on issues that were high policy priorities for China, particularly in the Asia-Pacific region. Mandiant said the hackers searched the email accounts of those working for governments of political or strategic interest to China while they were participating in diplomatic meetings with other countries.
