Six government agencies have been the victims of a major cyber attack targeting agencies and companies using Microsoft's Exchange Server email platform.

According to the German Information Technology Security Service (BSI), information may have been stolen from four German government agencies.

BSI does not say which authorities have been affected, but it would concern large and smaller organizations.

In addition to government agencies, thousands of companies are said to have been attacked.

According to experts, German companies are extra vulnerable, because they operate the mail program themselves or do so via heard data centers,

Der Spiegel

writes

.

Small and medium-sized companies are particularly at risk, because according to the BSI they often use even older versions of the mail program.

The vulnerability was not found in cloud versions of Exchange Server.

The hackers probably installed their own software on tens of thousands of servers through the leak.

With that software they may have been able to steal information that was on the servers.

According to Microsoft, there are Chinese state hackers behind the attack, who work under the name Hafnium.

The tech company has known about the weak spot in the mail program since January and last week published an update that closes the leak.

The Dutch National Cyber ​​Security Center (NCSC) said on Monday that people in the Netherlands have also been affected by the hack.

According to the NCSC, 40 percent of all Dutch Microsoft Exchange email servers are still vulnerable.