More than 20,000 U.S. organizations have been compromised through a back door installed via recently patched flaws in Microsoft’s email software Outlook.
The latest hack has left channels for remote access spread among credit unions, town governments and small businesses, according to records from the U.S. investigation. Tens of thousands of organizations in Asia and Europe are also affected.
The hacks are continuing despite emergency patches issued by Microsoft on Tuesday.
All of those affected appear to run Web versions of email client Outlook and hosting their own systems instead of relying on cloud storage.
White House press secretary Jen Psaki told reporters that the vulnerabilities found in Microsoft’s widely used Outlook servers were “significant,” and “could have far-reaching impacts.”
More attacks are expected from other hackers as the code used to take control of the mail servers spreads.