Chinese hackers have successfully gained access to the email accounts of Commerce Secretary Gina Raimondo and other government officials, stealing a staggering 60,000 emails from the State Department alone, according to confidential sources familiar with a Senate staff briefing held on Wednesday. The briefing revealed that the stolen emails originated from 10 State Department email accounts, with nine of them belonging to individuals involved in East Asian and Pacific affairs. The hack, which targeted Microsoft-based email accounts within the State and Commerce Departments, was initially reported in July. However, at that time, neither U.S. government officials nor Microsoft executives disclosed the extent of the breach, including the number of affected email accounts or the volume of emails stolen.

The scope of the hack was first reported by Reuters earlier on Wednesday. While Washington has yet to formally attribute the intrusion to China, several U.S. officials, including Commerce Secretary Raimondo, have made the connection. According to Biden administration officials who briefed Senate staff members, the hackers utilized a stolen Microsoft certificate to breach the State Department email accounts. Shockingly, this same token was also used to infiltrate an additional 25 organizations and government agencies. At present, it remains unclear what the content of the stolen emails entails, although officials have been quick to downplay the potential compromise of sensitive information, emphasizing that classified email accounts were not compromised.

These cyber breaches occurred in the weeks leading up to Secretary of State Antony J. Blinken's visit to China. Secretary Blinken was the first in a series of cabinet officials to embark on a trip aimed at repairing strained diplomatic relations between the United States and China. However, this endeavor occurred simultaneously with the imposition of investment restrictions on certain Chinese sectors for American entities. In light of these developments, Senator Eric Schmitt, a Republican from Missouri, expressed concern over the government's reliance on single-vendor systems, specifically highlighting Microsoft's role in facilitating these systems. Senator Schmitt called for a thorough evaluation of the Defense Department's dependence on similar single-vendor systems, emphasizing the need to fortify defenses against future cyberattacks and intrusions. In a statement, he stressed the urgency of ensuring that China and other malicious actors are unable to gain access to highly sensitive federal government information.

The State Department has not yet responded to requests for comment regarding the incident.