A cyberattack attack on Microsoft originating in China breached government email accounts, the company reported late Tuesday. The threat, labeled Storm-0558, has mainly targeted Western Europe government agencies using espionage to steal data and credentials access.

Microsoft opened an investigation into concerning mail activity on June 16 following complaints of compromised consumer accounts affecting roughly 25 organizations beginning on May 15. According to the internal investigation, Microsoft said Storm-0558 gained access to users’ emails by forging authentication tokens to obtain Microsoft account consumer signing key.

“Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” National Security Council spokesman Adam Hodges told The Washington Post. “We continue to hold the procurement providers of the U.S. government to a high-security threshold.”

Microsoft said in its report that it has mitigated the threat and notified all organizations including government agencies that were affected, and said all activities by Storm-0558 have been blocked. To further protect users, Microsoft said: “We have continuously improved the security of the MSA key management systems since the acquired MSA key was issued, as part of defense in depth, to ensure the safety and security of consumer keys.”

Microsoft did not say if the Chinese government was involved in the cyberattack, but a Chinese foreign ministry spokesman, Wang Wenbin said in a routine briefing any accusation that its government was involved is “disinformation,” AP News reported. He re