"Storm-0558: The Microsoft Email Hack That Shook the Cybersecurity World" Posted on: May 5, 2025 Category: Cybersecurity | Threat Analysis In mid-2023, a Chinese state-sponsored hacker group identified as Storm-0558 launched a sophisticated cyber-espionage campaign targeting U.S. government agencies , Microsoft email accounts, and international organizations. The breach wasn't just another phishing scheme—it involved the theft of a Microsoft encryption key used to forge access tokens and infiltrate cloud email systems undetected. Storm-0558 reportedly accessed Exchange Online accounts using forged authentication tokens, bypassing standard authentication methods. The attackers managed to access email inboxes of senior U.S. officials , including some at the Department of State and the Department of Commerce. Investigations later revealed that the hackers had been operating stealthily for over a month before detection . The core issue was Microsoft's token si...