Chinese hack of State Department emails included breach of Social Security numbers

Several pieces of personal and “high-risk” materials were leaked to Chinese hackers after a breach of the State Department email server earlier this year, government officials told Senate staffers in a closed-door briefing on Wednesday.

Much of the information that was accessed included personal communications, future travel itineraries, and fewer than 10 Social Security numbers of department employees, according to a Senate staffer who was present for the briefing. The update comes months after officials confirmed the email server was hacked in May, just ahead of a planned visit by Secretary of State Antony Blinken.


The emails were leaked through what is called a “crash dump,” meaning hackers were able to access a stolen Microsoft certificate that left an engineer’s device compromised, allowing access to the entire State Department server through it. Hackers were able to access 10 State Department email accounts, including roughly 60,000 individual emails that were stolen, according to a source familiar.

Nine of the email accounts belonged to employees who were working on affairs in East Asia and in the Pacific. It’s not entirely clear what information the final email account contained, but State Department officials told staffers they mostly focused on Indo-Pacific diplomacy efforts.

Hackers were also able to capture the global address list, which includes every email address in the State Department.

Staffers were briefed by four senior State Department officials, including Chief Information Officer Kelly Fletcher, Enterprise Chief Information Security Officer Donna Bennett, Deputy Chief Information Officer for Business Management and Planning Jeffrey Johnson, and Gharun Lacy, assistant director of the Diplomatic Security Service for Cyber and Technology Security.


Moving forward, department officials said they would begin increasing their usage of multi-factor authentication systems and move to hybrid environments that utilize multiple vendors.

“Today’s briefing was an important step forward in countering cyberattacks from foreign adversaries like China in the future,” Sen. Eric Schmitt (R-MO), who attended the briefing, told the Washington Examiner. “We need to harden our defenses against these types of cyberattacks and intrusions in the future, and we need to take a hard look at the federal government’s reliance on a single vendor as a potential weak point. I will continue to lead my colleagues in pushing for more answers to ensure China and other nefarious actors do not gain access to the federal government’s most sensitive information.”
