Reuters today reported details about the global hacking campaign, known as Cloud Hopper and attributed to China by the United States and its Western allies.
According to the report, the hackers working for China’s Ministry of State Security broke into networks of eight of the world’s biggest technology service providers in an effort to steal commercial secrets from their clients.
A U.S. indictment in December outlined an elaborate operation to steal Western intellectual property in order to advance China’s economic interests but stopped short of naming victim companies. At the time, the companies were identified to be Hewlett Packard Enterprise and IBM. Now, Reuters has found that at least six other technology service providers were compromised: Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology, HPE’s spun-off services arm.
Reuters has also identified more than a dozen victims who were clients of the service providers. That list includes Swedish telecoms giant Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries and travel reservation system Sabre.
HPE said it worked “diligently for our customers to mitigate this attack and protect their information.” DXC said it had “robust security measures in place” to protect itself and clients, neither of which have “experienced a material impact” due to Cloud Hopper.
IBM has previously said it has no evidence sensitive corporate data was compromised by the attacks.
The Chinese government has consistently denied all accusations of involvement in hacking.