On March 2, 2021 Microsoft detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server. Over 30,000 organizations in the US were attacked as hackers used several Exchange vulnerabilities to gain access to email accounts and install web shell malware. Microsoft suspected the attacks were carried out by a previously unidentified Chinese hacking group they dubbed Hafnium. Gartner analyst Peter Firstbrook said the hackers are looking for a rich attack environment, and targeting on-Premises software in organizations that dont pay much attention to legacy software updates is fertile ground.”]
Source: https://www.csoonline.com/article/3616699/the-microsoft-exchange-server-hack-a-timeline.html