A hacker group that, according to Microsoft, works on behalf of the Chinese government, is exploiting vulnerabilities in the email server service Exchange.
Once they penetrated the servers, the hackers would steal data from the email service, the company writes on its blog.
Microsoft researchers attribute the attack "with great confidence" to a "state-controlled" hacker group from China that the company calls Hafnium.
It is unclear whether this is a hacker group that has not previously been identified - possibly under a different name - or whether there may be overlap with other Chinese hacker units.
Internet security firm Volexity also describes the attack and has seen in its investigation that attackers "stole the entire contents of multiple mailboxes".
Volexity does not say who may be behind the email theft and with what motive.
The company does speak of "very skilled attackers" and the blog post is labeled APT.
This term stands for
advanced persistent threat
and is used by the industry to refer to hackers operating on behalf of a nation-state.
A spokesman for the Chinese Ministry of Foreign Affairs said in a response that China disapproves of all types of cyber attacks.
"China hopes that the media and companies will adopt a professional attitude and behave responsibly," the spokesman said.
"Allegations of cyber-attacks should be based on sufficient evidence, as opposed to unsubstantiated guesses and allegations."