In February, the Republican Governors Association (RGA) was targeted by malicious actors through a Microsoft software exploit. According to a recent public filing by the RGA, the attack has ties to the Microsoft Exchange Server flaw from earlier this year. The situation turned into a nightmare for organizations around the world.
The attack potentially exposed the personal data of nearly 500 people associated with the RGA. The personal data includes social security numbers, according to the organization’s attorney.
The RGA learned about the breach on March 10, eight days after Microsoft informed the public about the campaign. Currently, it is unclear who is responsible for the breach, or what happened to the exposed data.
Fallout from the Microsoft Exchange Server Attack
This incident is just the latest fallout from the Microsoft Exchange Server mass hack earlier this year. The hack was linked to Chinese government-backed hacking groups. A computer exploit exposed the flaws to the public, resulting in a wide-scale attack by opportunistic cybercriminals.
The RGA said that hackers breached “a small portion of [its] email work environment” on February 28. It added that it only learned about the attack on March 10, eight days after Microsoft issued a public statement about the hacking campaign.
A spokesperson from the RGA did not comment on details of the hack, such as information about the perpetrators or damages caused. It added that it was “unable to determine what personal information, if any, was impacted as a result of the incident.”
US Critical of China’s Role in Microsoft Hack
The RGA said that it updated its Microsoft software after the attack. In July, the US government blamed China for its role in the Microsoft Exchange hack. Consequently, the UK and the European Union supported the US’ statement condemning China. The incident also led to the US Department of Justice levying criminal charges on four Chinese nationals.
Security researchers estimate that at the peak of the Exchange Server hack, tens of thousands of US state and local businesses were running vulnerable software. Fortunately, many organizations were able to apply a software update to protect themselves.
Since the incident, US National Security Council has met multiple times and urged organizations to raise their cyber defenses.
The hack impacted businesses outside of the US as well. This includes Europe, where the most high-profile attacks include the European Union’s banking regulator, the Norwegian parliament, and two German government entities. It also affected a large number of organizations in Australia, according to the country’s cybersecurity regulator.