China implicated in Microsoft breach

White House press secretary Jen Psaki said Friday that the Biden administration is closely following the breach of a Microsoft email application, reportedly carried out by Chinese hackers, calling it an “active threat” with a “large number of victims.”

“This is a significant vulnerability that could have far-reaching impacts. First and foremost, this is an active threat,” Psaki told reporters during the daily press briefing.

She pointed to a tweet from national security adviser Jake Sullivan on Thursday night urging network administrators to patch their systems against a previously unknown vulnerability in Microsoft’s Exchange Server email application.

Microsoft said earlier this week that the flaw was being used by a Chinese state-sponsored hacking group to target a variety of organizations.

Psaki’s comments came the day after FireEye released research on the vulnerability, finding that the hackers had exploited it as early as January and had compromised organizations including U.S. local governments and a Southeast Asian government.

Psaki declined to comment on whether U.S. federal agencies had been compromised by the breach, which comes as the Biden administration is still investigating the impact of the SolarWinds attack, but warned that there may be a “large number of victims.”