US small businesses reportedly targeted by Chinese hackers using Microsoft email flaw

Thousands of small businesses and government offices across the US were compromised due to a back door flaw in Microsoft’s email program, according to reports.

Hackers in China have been exploiting several flaws in Microsoft’s Exchange software to break into accounts and read emails without authorization and to install unauthorized software, according to the Wall Street Journal.

Sources told the newspaper that tens of thousands of customers around the world could be affected, but that figure could be higher than 250,000.

Microsoft said the attack was likely carried out by a network of Chinese hackers. The hacks are continuing despite emergency patches made by the company last week, Reuters reported.

Microsoft had initially said the hacks consisted of “limited and targeted attacks.” The company refused comment on Friday, saying that it was working with government agencies and security organizations to help its customers affected by the hack.

The issues are with the Web version of Outlook for people hosting them on their own machines and not on the cloud, Reuters reported. This likely spared bigger companies and federal government agencies, the records suggest.

As of Friday, about 10 percent of connected devices vulnerable to the hack had installed the patches, but the number was going up.