More than 20,000 U.S. organizations have been compromised through a back door installed via recently patched flaws in Microsoft Corp’s email software, a person familiar with the U.S. government’s response said on Friday.
The hacking has already reached more places than all of the tainted code downloaded from SolarWinds Corp, the company at the heart of another massive hacking spree uncovered in December.
The latest hack has left channels for remote access spread among credit unions, town governments and small businesses, according to records from the U.S. investigation.
Tens of thousands of organizations in Asia and Europe are also affected, the records show.
The hacks are continuing despite emergency patches issued by Microsoft on Tuesday.