Targeting of organizations via Microsoft Exchange Server vulnerability
Date of report
  • March 2021
The Chinese threat actor Hafnium exploited vulnerabilities in the Microsoft Exchange Server to access the emails of hundreds of thousands of entities across the globe.
Suspected victims
  • Various industry sectors, including state and local governments, universities, defense contractors, law firms, medical researchers, think tanks, and others
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Civil society
  • Private sector
  • Government
Suspected state sponsor response