Last year, the Department of Homeland Security released a scathing report detailing Microsoft’s mistakes during a 2023 hack in which China stole thousands of emails from top government officials. Two years before that, China-linked cyberattackers compromised more than 250,000 Microsoft Exchange servers.

Chinese hackers breached the U.S. National Nuclear Security Administration through Microsoft SharePoint, with the Energy Department confirming no sensitive information was stolen.

The Chinese state-sponsored hacking group known as Salt Typhoon has already shocked the US once with the revelation last year that it had deeply penetrated American telecom systems, even targeting the text messages and phone conversations of citizens including then-candidates Donald Trump and JD Vance in real time.

Chinese-government hacking attacks against U.S. targets are more serious than ever before, current and former officials said in interviews.