Users of Microsoft's Outlook email service in China had their accounts hacked on Saturday 17 January by the Chinese government, according to web monitoring website GreatFire.org.
The attacks affected people using email clients such as Outlook, Mozilla's Thunderbird and apps on their smartphones that use the SMTP and IMAP protocols, but did not affect the browser versions such as www.outlook.com.
The man-in-the-middle attack used by the hackers allowed them to intercept conversations between victims, which appear to be private but are in fact controlled by the hackers.
GreatFire.org was able to reproduce the results seen by victims, including the fake certificates used by the hackers to pretend they were the intended recipient.
"If our accusation is correct, this new attack signals that the Chinese authorities are intent on further cracking down on communication methods that they cannot readily monitor," a blog post said on Monday 19 January.
The attack on Outlook comes just a month after the Chinese government blocked the use of Google's Gmail service in the country.
According to GreatFire.org, which monitors and reports on Chinese internet censorship, the attack was carried out by the Cyberspace Administration of China (formerly known as the State Internet Information Office), which directly governs the certificate authority known as the CNNIC (China Internet Network Information Center).
In its blog post, GreatFire.org warned: "Given the dangerous nature of this attack on Outlook, we again strongly encourage organisations, including Microsoft and Apple, to immediately revoke trust for the CNNIC certificate authority."