Data Breach

Microsoft Exchange Data Breach

250K records exposed • January 2021

Chinese hackers found secret bugs in Microsoft email servers. They broke into 250,000 organizations around the world, including government offices, before anyone could stop them.

What Happened

Chinese state-sponsored hackers (HAFNIUM) exploited four zero-days in Microsoft Exchange to compromise over 250,000 servers worldwide, including US government agencies.

Attack method: ProxyLogon zero-day vulnerabilities (CVE-2021-26855)

What Data Was Exposed

Emails, Contacts, Calendars, Server access

What to Do If You're Affected

  1. Patch Exchange servers immediately
  2. Run Microsoft Safety Scanner
  3. Check for web shells and persistence

Lessons for Businesses

  • On-premises Exchange is risky
  • Zero-days can be exploited at scale
  • Nation-states stockpile vulnerabilities
