{"id":53158,"date":"2023-08-10T14:20:35","date_gmt":"2023-08-10T14:20:35","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34893\/How-An-Unpatched-Microsoft-Exchange-0-Day-Likely-Caused-One-Of-The-UKs-Biggest-Hacks-Ever.html"},"modified":"2023-08-10T14:20:35","modified_gmt":"2023-08-10T14:20:35","slug":"how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/","title":{"rendered":"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK&#8217;s Biggest Hacks Ever"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/07\/microsoft-800x600.jpeg\" alt=\"Building with Microsoft logo.\"><figcaption class=\"caption\">\n<div class=\"caption-text\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/07\/microsoft.jpeg\" class=\"enlarge-link\" data-height=\"750\" data-width=\"1000\">Enlarge<\/a> <span class=\"sep\">\/<\/span> Building with Microsoft logo.<\/div>\n<div class=\"caption-credit\">Getty Images<\/div>\n<\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/security\/2023\/08\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">30<\/span> <span class=\"visually-hidden\"> with <\/span> <\/a> <\/aside>\n<p> <!-- cache hit 149:single\/related:ac3e3421c61ad964aa2787ceb4df8166 --><!-- empty --><\/p>\n<p>It\u2019s looking more and more likely that a critical zero-day vulnerability that went unfixed for more than a month in Microsoft Exchange was the cause of one of the UK\u2019s biggest hacks ever\u2014the breach of the country\u2019s Electoral Commission, which exposed data for as many as 40 million residents.<\/p>\n<p>Electoral Commission officials <a href=\"https:\/\/www.electoralcommission.org.uk\/privacy-policy\/public-notification-cyber-attack-electoral-commission-systems\/information-about-cyber-attack\">disclosed<\/a> the breach on Tuesday. They said that they discovered the intrusion last October when they found \u201csuspicious activity\u201d on their networks and that \u201chostile actors had first accessed the systems in August 2021.\u201d That means the attackers were in the network for 14 months before finally being driven out. The Commission waited nine months after that to notify the public.<\/p>\n<p>The compromise gave the attackers access to a host of personal information, including names and addresses of people registered to vote from 2014 to 2022. Spokespeople for the Commission said the number of affected voters could be as high as 40 million. The Commission has not yet said what the cause of the breach or the means of initial entry was.<\/p>\n<p>Some online sleuthing independently done by <a href=\"https:\/\/techcrunch.com\/2023\/08\/09\/parsing-uk-electoral-commission-cyberattack\/\">TechCrunch reporter Zack Whittaker<\/a> and <a href=\"https:\/\/doublepulsar.com\/uk-electoral-commission-had-an-unpatched-microsoft-exchange-server-vulnerability-5436f3f5ec2c\">researcher Kevin Beaumont<\/a> suggests that a pair of critical vulnerabilities in Microsoft Exchange Server, which large organizations use to manage email accounts, was the cause. Tracked as CVE-2022-41080 and CVE-2022-41082, the remote code execution chain <a href=\"https:\/\/arstechnica.com\/information-technology\/2022\/09\/high-severity-microsoft-exchange-0-day-under-attack-threatens-220000-servers\/\">came to light<\/a> on September 30, 2022, after it had already been actively exploited for more than a month in attacks that installed malicious webshells on vulnerable servers. Microsoft issued guidance for mitigating the threat but didn\u2019t <a href=\"https:\/\/arstechnica.com\/information-technology\/2022\/11\/patches-for-6-zero-days-under-active-exploit-are-now-available-from-microsoft\/\">patch the vulnerabilities<\/a> until November 8, six weeks after confirming the existence of the actively exploited zero-day vulnerability chain.<\/p>\n<p>In the weeks following the discovery of the zero-days, Beaumont <a href=\"https:\/\/doublepulsar.com\/rackspace-cloud-office-suffers-security-breach-958e6c755d7f\">reported<\/a> that the mitigation measures Microsoft recommended could be bypassed. On Wednesday, he once again faulted Microsoft, first for providing faulty guidance and again for taking three months to release patches.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>\u201cAt the time Microsoft released temporary mitigations rather than a security patch\u2014it took until November 2022 for a security update to appear to fully resolve the problem,\u201d the researcher wrote. \u201cThis was a significant delay. In the meantime, the security mitigations Microsoft provided were repeatedly bypassed.\u201d Later in the post, he added, \u201cMicrosoft needs to ship security patches for Microsoft Exchange Server faster. It needs some kind of emergency patch pipeline.\u201d<\/p>\n<p>Citing results returned by the Shodan search engine for Internet-connected devices, both Beaumont and Whittaker said that the Commission ran an Internet-exposed on-premises Exchange Server with Outlook Web App until late September 2020, when it suddenly stopped responding. The searches show that Commission staff had last updated the server software in August. As already noted, August was the same month active exploits of vulnerabilities began.<\/p>\n<p>\u201cTo be clear, this means the Electoral Commission (or their IT supplier) did the <em>right thing<\/em>\u2014they were applying security patches quickly during this time in 2022,\u201d the researcher wrote.<\/p>\n<p>Better known as ProxyNotShell, CVE-2022-41082 and CVE-2022-41080 affect on-premises Exchange servers. Microsoft said in early October that it was aware of only a single threat actor exploiting the vulnerabilities and that the actor had targeted fewer than 10 organizations. The threat actor is fluent in Simplified Chinese, suggesting it has a nexus to China.<\/p>\n<p>In December, cloud host Rackspace <a href=\"https:\/\/www.rackspace.com\/newsroom\/rackspace-technology-hosted-exchange-environment-update\">disclosed a breach<\/a> that it <a href=\"https:\/\/status.apps.rackspace.com\/index\/viewincidents?group=2\">later said<\/a> was caused by the exploitation of a zero-day \u201cassociated with\u201d CVE-2022-41080. By that point, the patches Microsoft released had been available for four weeks. The latter post, which attributed the attacks to a ransomware syndicate tracked as Play, went on to criticize Microsoft\u2019s initial disclosure of the vulnerability.<\/p>\n<p>\u201cMicrosoft disclosed CVE-2022-41080 as a privilege escalation vulnerability and did not include notes for being part of a Remote Code Execution chain that was exploitable,\u201d Rackspace officials wrote.<\/p>\n<p>The hack of the Commission\u2019s Exchange server is a potent reminder of the damage that can result when the software is abused. It also underscores the harm that can happen when vendors fail to provide updates in a timely manner or issue faulty security guidance. Microsoft representatives didn\u2019t respond to an email seeking comment.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34893\/How-An-Unpatched-Microsoft-Exchange-0-Day-Likely-Caused-One-Of-The-UKs-Biggest-Hacks-Ever.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":53159,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[10631],"class_list":["post-53158","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackermicrosoftemailbritaindata-lossflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK&#039;s Biggest Hacks Ever 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK&#039;s Biggest Hacks Ever 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-10T14:20:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/07\/microsoft-800x600.jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK&#8217;s Biggest Hacks Ever\",\"datePublished\":\"2023-08-10T14:20:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/\"},\"wordCount\":711,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever.jpg\",\"keywords\":[\"headline,hacker,microsoft,email,britain,data loss,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/\",\"name\":\"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK's Biggest Hacks Ever 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever.jpg\",\"datePublished\":\"2023-08-10T14:20:35+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever.jpg\",\"width\":800,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,microsoft,email,britain,data loss,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermicrosoftemailbritaindata-lossflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK&#8217;s Biggest Hacks Ever\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK's Biggest Hacks Ever 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/","og_locale":"en_US","og_type":"article","og_title":"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK's Biggest Hacks Ever 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-08-10T14:20:35+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/07\/microsoft-800x600.jpeg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK&#8217;s Biggest Hacks Ever","datePublished":"2023-08-10T14:20:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/"},"wordCount":711,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/08\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever.jpg","keywords":["headline,hacker,microsoft,email,britain,data loss,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/","url":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/","name":"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK's Biggest Hacks Ever 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/08\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever.jpg","datePublished":"2023-08-10T14:20:35+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/08\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/08\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever.jpg","width":800,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/how-an-unpatched-microsoft-exchange-0-day-likely-caused-one-of-the-uks-biggest-hacks-ever\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,microsoft,email,britain,data loss,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermicrosoftemailbritaindata-lossflaw\/"},{"@type":"ListItem","position":3,"name":"How An Unpatched Microsoft Exchange 0-Day Likely Caused One Of The UK&#8217;s Biggest Hacks Ever"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53158","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53158"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53158\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/53159"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53158"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53158"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53158"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}