Last week Microsoft blamed China for hacking its Outlook email software, allegedly compromising 20,000 organizations in the U.S.

On Sunday, the White House warned that though Microsoft (NASDAQ: MSFT) had issued a patch for its software, unresolved vulnerabilities remained. “This is an active threat still developing and we urge network operators to take it very seriously,” a White House official said. (Reuters)

The White House also said that senior U.S. security officials were considering further actions in connection with the breach.

On Friday, the Cybersecurity and Infrastructure Security Agency tweeted a warning that the malicious activity, if left unchecked, could “enable an attacker to gain control of an entire enterprise network.”

Hafnium group responsible

Last Tuesday, Microsoft alleged that its Exchange email server had been hacked by the “Hafnium” group and that the Chinese state had colluded with the bad actors. Cybersecurity firm Volexity discovered the intrusion, which supposedly began in early January.

This incident follows the infamous attack on Solarwinds (NYSE: SWI), a major US information technology firm, that spread to its clients and went unnoticed for months until detected in December.

Microsoft confirmed last week, however, that the hack on Outlook email software was unrelated to the Solarwinds breach.

A whole of government response

Meanwhile, CNN reported that the Biden administration was assembling a task force to deal with the cyber intrusions. CNN estimated the number of affected customers to be 30,000 in the U.S. and another 250,000 across the globe.

“We are undertaking a whole of government response to assess and address the impact,” said a White House official. “The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to agencies and we’re now working with our partners and looking closely at the next steps we need to take.”

The administration’s task force is likely to be a multi-agency initiative by the National Security Council that would include the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and others.

Related Story:  Hackers, Suspected Of Russian Origin, Breach The U.S. Treasury