Suspected Chinese hackers accessed emails of the U.S. ambassador to China and another top State Department official in their recent breach of government accounts, according to two people familiar with the matter.
Ambassador Nicholas Burns and Daniel Kritenbrink, the State Department’s assistant secretary of state for East Asia, are the latest high-profile government officials to be identified as victims of the likely Chinese spying campaign, which was revealed late last month.
The State Department previously confirmed that it was among the more than two dozen organizations hacked in the global espionage caper, but did not provide the names of affected individuals.
The hackers breached the two officials’ unclassified email account, the people said. Both were granted anonymity because they were not authorized to speak publicly about the matter.
Microsoft has attributed the spying activity to China, but the U.S. government has not officially named a culprit.
The Wall Street Journal was the first to report that the hackers accessed the inboxes of Burns and Kritenbrink. The Washington Post previously reported that Commerce Secretary Gina Raimondo’s email was among those breached.
Spokespeople from the National Security Council and the Cybersecurity and Infrastructure Security Agency did not respond to a request for comment. A spokesperson for the State Department declined to comment.
It remains unclear what information the hackers got their hands on and how valuable it might have been. But the spying campaign, which began in May, appears to have overlapped with a period of high-stakes diplomacy between the U.S. and China.
During that period, officials would have been laying the groundwork for Secretary of State Antony Blinken’s mid-June trip to Beijing, along with this month’s visits by Treasury Secretary Janet Yellen and climate envoy John Kerry.
Security experts have argued that the campaign was technically adept and demonstrates an acceleration in Beijing’s digital spying capabilities.
“Chinese cyber espionage operators’ tactics had steadily evolved to become more agile, stealthier, and complex to attribute” over the last decade, researchers at cybersecurity firm Mandiant wrote in a blog post Tuesday.
Still, the revelations also raise fresh questions about the scope and severity of the incident, and how much of the blame falls on Microsoft.
On Wednesday, Microsoft offered existing customers a series of enhanced digital forensic tools, following frustration from U.S. officials that the high price tag it placed on core security products had prevented many lower-paying victims from detecting the breach.
Some lawmakers argued that even that gesture was too little, too late.
“It is unconscionable that two years after the SolarWinds hack, Microsoft was still upcharging federal agencies for critical security features,” Sen. Ron Wyden (D-Ore.) said in a statement. “Our national security depends on making cybersecurity a core part of the software contracting process.”
Microsoft declined to comment for this story.