U.S. Representative Don Bacon (R Nebraska) revealed today that the FBI informed him about a cyberattack by China-backed hackers. The attack successfully infiltrated his personal and campaign email accounts over a month, between May 15 and June 16.
The attack exploited a vulnerability in Microsoft’s cloud infrastructure and was facilitated by a stolen key. The hackers generated authentication tokens by using this weakness.
What’s notable is that this revelation comes two months after the actual breach occurred, suggesting that the FBI is still in the process of notifying individuals affected by the attack. This raises concerns about the speed of communication regarding such incidents.
Rep. Bacon has speculated that his vocal support for Taiwan’s defense could be a motive behind this attack, suggesting that it might have been intended to undermine or embarrass him politically. He expressed his determination via a tweet to ensure Taiwan receives the U.S. military aid it has requested for its defense.
Thus, there were other victims in this cyber operation. The Communist government in China are not our friends and are very active in conducting cyber espionage. I’ll work overtime to ensure Taiwan gets every $ of the $19B in weapons backlog they’ve ordered, and more. (2/2)
— Rep. Don Bacon ???????? (@RepDonBacon) August 14, 2023
Rep. Bacon isn’t the only victim of this cyberattack. Other notable figures were also targeted, including U.S. Commerce Secretary Gina Raimondo and U.S. Ambassador to China Nicholas Burns.
The Microsoft cloud breach has prompted Congress and the U.S. Cyber Security Review Board investigations.